diff options
author | justdave%syndicomm.com <> | 2001-07-04 16:05:59 +0200 |
---|---|---|
committer | justdave%syndicomm.com <> | 2001-07-04 16:05:59 +0200 |
commit | f208e298e2ac9836c8138449a0691f6deb850c4a (patch) | |
tree | a6735fb37995456992708da6408226c5188b198b /globals.pl | |
parent | a9ead7b9778b67cc02ef2b3df51d08a5f88d4d52 (diff) | |
download | bugzilla-f208e298e2ac9836c8138449a0691f6deb850c4a.tar.gz bugzilla-f208e298e2ac9836c8138449a0691f6deb850c4a.tar.xz |
Fix for bug 87701: Invalid username in bug changes echoed back without escaping HTML data
Patch by Gervase Markham <gervase.markham@univ.ox.ac.uk>
r= justdave@syndicomm.com
Diffstat (limited to 'globals.pl')
-rw-r--r-- | globals.pl | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/globals.pl b/globals.pl index 81efb4745..736cb431a 100644 --- a/globals.pl +++ b/globals.pl @@ -695,6 +695,7 @@ sub DBname_to_id { sub DBNameToIdAndCheck { my ($name, $forceok) = (@_); + $name = html_quote($name); my $result = DBname_to_id($name); if ($result > 0) { return $result; |