Add security remove XSS

jmontoyaa · jmontoyaa · commit d24f81b60e0a · 2016-02-18T16:07:08.000+01:00
diff --git a/main/work/view.php b/main/work/view.php
@@ -19,6 +19,9 @@
     api_not_allowed(true);
 }
 
+$work['title'] = isset($work['title']) ? Security::remove_XSS($work['title']) : '';
+$work['description'] = isset($work['description']) ? Security::remove_XSS($work['description']) : '';
+
 $interbreadcrumb[] = array ('url' => 'work.php', 'name' => get_lang('StudentPublications'));
 
 $my_folder_data = get_work_data_by_id($work['parent_id']);

Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,9 @@`
`19`	`19`	`api_not_allowed(true);`
`20`	`20`	`}`
`21`	`21`
	`22`	`+$work['title'] = isset($work['title']) ? Security::remove_XSS($work['title']) : '';`
	`23`	`+$work['description'] = isset($work['description']) ? Security::remove_XSS($work['description']) : '';`
	`24`	`+`
`22`	`25`	`$interbreadcrumb[] = array ('url' => 'work.php', 'name' => get_lang('StudentPublications'));`
`23`	`26`
`24`	`27`	`$my_folder_data = get_work_data_by_id($work['parent_id']);`