Public_Tools/wavelog
2
0
Fork 0
mirror of https://github.com/wavelog/wavelog.git synced 2026-03-22 10:24:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

XSS Clean inputs on Station controller and model

Browse Source
This commit is contained in:
Peter Goodhall
2019-10-05 19:16:05 +01:00
parent 23e6dd66e1
commit f22b811e79
3 changed files with 50 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
application/controllers/Station.php
View File

@@ -63,7 +63,9 @@ class Station extends CI_Controller {
$this->load->model('stations');
$this->load->model('dxcc');
$station_profile_query = $this->stations->profile($id);
$item_id_clean = $this->security->xss_clean($id);
$station_profile_query = $this->stations->profile($item_id_clean);
$data['my_station_profile'] = $station_profile_query->row();
@@ -83,7 +85,7 @@ class Station extends CI_Controller {
{
$this->stations->edit();
$data['notice'] = "Station Profile ".$this->input->post('station_profile_name')." Updated";
$data['notice'] = "Station Profile ".$this->security->xss_clean($this->input->post('station_profile_name', true))." Updated";
redirect('station');
}