more FILTER_SANITIZE_STRING fixes

Andy Miller 2023-05-09 12:13:32 -06:00
parent 956c2993ae
commit 66463ddff3
No known key found for this signature in database
GPG Key ID: 9F2CF38AEBDB0AE0


@ -366,9 +366,14 @@ trait PageLegacyTrait
*/
public function blueprintName(): string
{
$blueprint_name = filter_input(INPUT_POST, 'blueprint', FILTER_SANITIZE_STRING) ?: $this->template();
if (!isset($_POST['blueprint'])) {
return $this->template();
}
return $blueprint_name;
$post_value = $_POST['blueprint'];
$sanitized_value = htmlspecialchars(strip_tags($post_value), ENT_QUOTES, 'UTF-8');
return $sanitized_value ?: $this->template();
}
/**
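Review bot: `$_POST['blueprint']` reaches `strip_tags()` with no type check, so a request that submits the field as an array (`blueprint[]=...`) raises a TypeError on PHP 8. The removed `filter_input()` call returned false for a non-scalar value and fell back to `$this->template()`. Widening the guard restores that fallback: `if (!isset($_POST['blueprint']) || !is_string($_POST['blueprint'])) {`. Separately, `htmlspecialchars()` is output encoding for HTML, not validation of a blueprint name. If callers use the return value as an identifier (not visible in this hunk), matching it against the expected name format would be a tighter check than escaping it.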