mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2024-12-23 02:04:46 +02:00
[Web] escape html of alert messages
This commit is contained in:
parent
cd24057f1a
commit
cf2fda66e2
@ -12,7 +12,8 @@ $alertbox_log_parser = alertbox_log_parser($_SESSION);
|
|||||||
$alerts = [];
|
$alerts = [];
|
||||||
if (is_array($alertbox_log_parser)) {
|
if (is_array($alertbox_log_parser)) {
|
||||||
foreach ($alertbox_log_parser as $log) {
|
foreach ($alertbox_log_parser as $log) {
|
||||||
$message = strtr($log['msg'], ["\n" => '', "\r" => '', "\t" => '<br>']);
|
$message = htmlspecialchars($log['msg'], ENT_QUOTES);
|
||||||
|
$message = strtr($message, ["\n" => '', "\r" => '', "\t" => '<br>']);
|
||||||
$alerts[trim($log['type'], '"')][] = trim($message, '"');
|
$alerts[trim($log['type'], '"')][] = trim($message, '"');
|
||||||
}
|
}
|
||||||
$alert = array_filter(array_unique($alerts));
|
$alert = array_filter(array_unique($alerts));
|
||||||
|
Loading…
Reference in New Issue
Block a user