Revision 669
Added by thorn about 17 years ago
| login.php | ||
|---|---|---|
| 53 | 53 |
require_once(WB_PATH.'/framework/class.login.php'); |
| 54 | 54 |
|
| 55 | 55 |
// Create new login app |
| 56 |
$redirect = (isset($_REQUEST['redirect'])) ? $_REQUEST['redirect'] : '';
|
|
| 56 |
$redirect = strip_tags((isset($_REQUEST['redirect'])) ? $_REQUEST['redirect'] : '');
|
|
| 57 | 57 |
$thisApp = new Login( |
| 58 | 58 |
array( |
| 59 | 59 |
"MAX_ATTEMPS" => "3", |
Also available in: Unified diff
Fixed possible XSS in account/login.php and forgot-form.php