1 files changed, 1 insertions, 1 deletions
diff --git a/src/controller/password.php b/src/controller/password.php
index 66a617a..074ffb1 100644
--- a/src/controller/password.php
+++ b/src/controller/password.php
@@ -155,7 +155,7 @@ function connect(LoginBuilder $builder, EntityManager $entityManager)
        else // c'est OK
        {
                $login = $_POST['login'];
-                $password = $_POST['password'];
+                $password = htmlspecialchars($_POST['password']);
                $user = getUser($login, $entityManager);
                // enregistrement et redirection

diff --git a/src/controller/password.php b/src/controller/password.php index 66a617a..074ffb1 100644 --- a/src/controller/password.php +++ b/src/controller/password.php
@@ -155,7 +155,7 @@ function connect(LoginBuilder $builder, EntityManager $entityManager)
155	else // c'est OK	155	else // c'est OK
156	{	156	{
157	$login = $_POST['login'];	157	$login = $_POST['login'];
158	$password = $_POST['password'];	158	$password = htmlspecialchars($_POST['password']);
159	$user = getUser($login, $entityManager);	159	$user = getUser($login, $entityManager);
160		160
161	// enregistrement et redirection	161	// enregistrement et redirection