diff options
| author | Andrew Dolgov <[email protected]> | 2013-03-17 14:55:55 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2013-03-17 14:55:55 +0400 |
| commit | f01c8ec4f1324ed8b68e912220735af96c86883c (patch) | |
| tree | 22f516816d37d305c474242c796a55c449fba2af /classes | |
| parent | 26e2b1843332bfc12426e68f1e259b95c9e997f0 (diff) | |
prevent absolutely useless 'exploit' (not really) while editing filters (closes #572)
Diffstat (limited to 'classes')
| -rw-r--r-- | classes/pref/filters.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/classes/pref/filters.php b/classes/pref/filters.php index 74a29c619..20abae1d0 100644 --- a/classes/pref/filters.php +++ b/classes/pref/filters.php @@ -372,7 +372,7 @@ class Pref_Filters extends Handler_Protected { WHERE id = ".(int)$rule["filter_type"]); $match_on = db_fetch_result($result, 0, "description"); - return T_sprintf("%s on %s in %s", $rule["reg_exp"], $match_on, $feed); + return T_sprintf("%s on %s in %s", strip_tags($rule["reg_exp"]), $match_on, $feed); } function printRuleName() { |