diff options
| author | Andy Staudacher <andy.st@gmail.com> | 2009-08-31 02:12:01 -0700 |
|---|---|---|
| committer | Andy Staudacher <andy.st@gmail.com> | 2009-08-31 02:12:01 -0700 |
| commit | 8312eb116e65195e3fc70d59b3b0817b9c807287 (patch) | |
| tree | 1a7191e21d19c92cd5fa843144356a8bd950ef06 /modules/gallery/controllers/admin_advanced_settings.php | |
| parent | 26f6d8192ffdfd0280987ec2b9df0305e983746d (diff) | |
XSS review fixes (mostly adding missing html::mark_clean()) calls.
Diffstat (limited to 'modules/gallery/controllers/admin_advanced_settings.php')
| -rw-r--r-- | modules/gallery/controllers/admin_advanced_settings.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php index 43c77340..79bc1183 100644 --- a/modules/gallery/controllers/admin_advanced_settings.php +++ b/modules/gallery/controllers/admin_advanced_settings.php @@ -46,7 +46,7 @@ class Admin_Advanced_Settings_Controller extends Admin_Controller { module::set_var($module_name, $var_name, Input::instance()->post("value")); message::success( t("Saved value for %var (%module_name)", - array("var" => html::clean($var_name), "module_name" => $module_name))); + array("var" => $var_name, "module_name" => $module_name))); print json_encode(array("result" => "success")); } |