goodspeed/Cloudlog
1
0
派生 0
代码 工单 合并请求 项目 版本发布 软件包 百科 动态 Actions

Sanitize state input in Stations model

浏览代码 
Added xss_clean sanitization to 'station_ca_state' and 'station_state' POST inputs to enhance security and prevent XSS vulnerabilities when handling state data.
这个提交包含在:
Peter Goodhall 2025-08-02 11:04:59 +01:00
父节点 f502de6338
当前提交 11673494ef
共有 1 个文件被更改,包括 4 次插入4 次删除
显示统计信息 下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

8
application/models/Stations.php
查看文件

@ -77,9 +77,9 @@ class Stations extends CI_Model {
// Check if the state is Canada and get the correct state // Check if the state is Canada and get the correct state
if ($this->input->post('dxcc') == 1 && $this->input->post('station_ca_state') !="") { if ($this->input->post('dxcc') == 1 && $this->input->post('station_ca_state') !="") {
$state = $this->input->post('station_ca_state'); $state = xss_clean($this->input->post('station_ca_state', true));
} else { } else {
$state = $this->input->post('station_state'); $state = xss_clean($this->input->post('station_state', true));
} }
// Create data array with field values // Create data array with field values
@ -131,9 +131,9 @@ class Stations extends CI_Model {
// Check if the state is Canada and get the correct state // Check if the state is Canada and get the correct state
if ($this->input->post('dxcc') == 1 && $this->input->post('station_ca_state') !="") { if ($this->input->post('dxcc') == 1 && $this->input->post('station_ca_state') !="") {
$state = $this->input->post('station_ca_state'); $state = xss_clean($this->input->post('station_ca_state', true));
} else { } else {
$state = $this->input->post('station_state'); $state = xss_clean($this->input->post('station_state', true));
} }
$data = array( $data = array(