oh putin

author: polo <ordipolo@gmx.fr> 2025-05-21 17:57:58 +0200
committer: polo <ordipolo@gmx.fr> 2025-05-21 17:57:58 +0200
commit: f452a7f6898a5c29519a6f1557fc8d4aa176954c (patch)
tree: 33fbe3f6f731bdfa969bdd1fa9c7499b59c148d1 /src/controller/password.php
parent: d5a636d328989ad950b88015f9b418e17652d8c8 (diff)
download: cms-f452a7f6898a5c29519a6f1557fc8d4aa176954c.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/controller/password.php b/src/controller/password.php
index 66a617a..074ffb1 100644
--- a/src/controller/password.php
+++ b/src/controller/password.php
@@ -155,7 +155,7 @@ function connect(LoginBuilder $builder, EntityManager $entityManager)
        else // c'est OK
        {
                $login = $_POST['login'];
-                $password = $_POST['password'];
+                $password = htmlspecialchars($_POST['password']);
                $user = getUser($login, $entityManager);
                // enregistrement et redirection
author	polo <ordipolo@gmx.fr>	2025-05-21 17:57:58 +0200
committer	polo <ordipolo@gmx.fr>	2025-05-21 17:57:58 +0200
commit	f452a7f6898a5c29519a6f1557fc8d4aa176954c (patch)
tree	33fbe3f6f731bdfa969bdd1fa9c7499b59c148d1 /src/controller/password.php
parent	d5a636d328989ad950b88015f9b418e17652d8c8 (diff)
download	cms-f452a7f6898a5c29519a6f1557fc8d4aa176954c.zip

diff --git a/src/controller/password.php b/src/controller/password.php index 66a617a..074ffb1 100644 --- a/src/controller/password.php +++ b/src/controller/password.php
@@ -155,7 +155,7 @@ function connect(LoginBuilder $builder, EntityManager $entityManager)
155	else // c'est OK	155	else // c'est OK
156	{	156	{
157	$login = $_POST['login'];	157	$login = $_POST['login'];
158	$password = $_POST['password'];	158	$password = htmlspecialchars($_POST['password']);
159	$user = getUser($login, $entityManager);	159	$user = getUser($login, $entityManager);
160		160
161	// enregistrement et redirection	161	// enregistrement et redirection