Fixed some potential security risks + updatedd changelog

git-svn-id: https://svn.roundcube.net/trunk@930 208e9e7b-5314-0410-a742-e7e81cd9613c
author: thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> 2007-11-25 17:34:19 +0000
committer: thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> 2007-11-25 17:34:19 +0000
commit: 916676eafd05379db18614e3c0431fdbd422feb2 (patch)
tree: 3ff32ced45c2e0c8a57b9c64ebe676f7eda0d9c5 /roundcubemail/program/include/rcmail_template.inc
parent: 2f82db76ece7e62d182850dea58c902b7d0a43f3 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/roundcubemail/program/include/rcmail_template.inc b/roundcubemail/program/include/rcmail_template.inc
index 15752f8bc..558bd4bf6 100644
--- a/roundcubemail/program/include/rcmail_template.inc
+++ b/roundcubemail/program/include/rcmail_template.inc
@@ -831,12 +831,12 @@ function rcmail_login_form($attrib)
         }
     }
       
-    $fields['host'] = isset($select_host) ? $select_host->show($_POST['_host']) : null;
+    $fields['host'] = isset($select_host) ? $select_host->show(get_input_value('_host', RCUBE_INPUT_POST)) : null;
     }
   else if (!strlen($CONFIG['default_host']))
     {
     $input_host = new textfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30));
-    $fields['host'] = $input_host->show($_POST['_host']);
+    $fields['host'] = $input_host->show(get_input_value('_host', RCUBE_INPUT_POST));
     }
 
   $form_name = strlen($attrib['form']) ? $attrib['form'] : 'form';
author	thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>	2007-11-25 17:34:19 +0000
committer	thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>	2007-11-25 17:34:19 +0000
commit	916676eafd05379db18614e3c0431fdbd422feb2 (patch)
tree	3ff32ced45c2e0c8a57b9c64ebe676f7eda0d9c5 /roundcubemail/program/include/rcmail_template.inc
parent	2f82db76ece7e62d182850dea58c902b7d0a43f3 (diff)