From 95305a87286b272524dea28d9a57c7e9864d5e04 Mon Sep 17 00:00:00 2001
From: Fil <fil@rezo.net>
Date: Wed, 22 Feb 2006 08:27:12 +0000
Subject: [PATCH] =?UTF-8?q?securit=C3=A9=20de=20base=20sur=20self()?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ecrire/inc_utils.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ecrire/inc_utils.php b/ecrire/inc_utils.php
index 32356bd6fc..852fca9705 100644
--- a/ecrire/inc_utils.php
+++ b/ecrire/inc_utils.php
@@ -295,6 +295,9 @@ function self($root = false) {
 		.'lang|set_options|set_couleur|set_disp|set_ecran|show_docs'
 		.')=[^&]*,i', '', $url);
 
+	// eviter les hacks
+	$url = htmlspecialchars($url);
+
 	return $url;
 }
 
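Review bot: The added `htmlspecialchars($url)` relies on the default flags, which on PHP versions of this era (ENT_COMPAT) leave single quotes unescaped, so a caller that puts self() inside a single-quoted attribute is still exposed; `$url = htmlspecialchars($url, ENT_QUOTES);` closes that gap. Escaping inside self() also makes the return value HTML text rather than a raw URL, so any caller that uses it in a redirect header or escapes it again will get `&amp;` or double encoding; those call sites are not visible here and should be checked. The comment `// eviter les hacks` would say more as `// self() returns an HTML-escaped URL (query string is user-controlled); do not re-escape or use in HTTP headers`. The body of self() starts outside the hunk, so how `$url` is built cannot be confirmed from these lines.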
-- 
GitLab