summaryrefslogtreecommitdiff
path: root/app/Controllers/javascriptController.php
diff options
context:
space:
mode:
authorGravatar Alexandre Alapetite <alexandre@alapetite.fr> 2017-02-25 12:39:08 +0100
committerGravatar Alexandre Alapetite <alexandre@alapetite.fr> 2017-02-25 12:39:08 +0100
commit271a1fdc8900a8b2c32675c22dce1cc458209de4 (patch)
tree10f4e575e3d907b637f60128d270ac9a7576ce46 /app/Controllers/javascriptController.php
parent2e871a0adf131f53dcf345ad2dda73bdf7c1a2c9 (diff)
Missing checkUsername and const patten
https://github.com/FreshRSS/FreshRSS/pull/1423 https://github.com/YunoHost-Apps/freshrss_ynh/issues/27#issuecomment-279792363
Diffstat (limited to 'app/Controllers/javascriptController.php')
-rwxr-xr-xapp/Controllers/javascriptController.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/app/Controllers/javascriptController.php b/app/Controllers/javascriptController.php
index 00a7b5c38..6336106a9 100755
--- a/app/Controllers/javascriptController.php
+++ b/app/Controllers/javascriptController.php
@@ -26,7 +26,7 @@ class FreshRSS_javascript_Controller extends Minz_ActionController {
header('Pragma: no-cache');
$user = isset($_GET['user']) ? $_GET['user'] : '';
- if (ctype_alnum($user)) {
+ if (FreshRSS_user_Controller::checkUsername($user)) {
try {
$salt = FreshRSS_Context::$system_conf->salt;
$conf = get_user_configuration($user);
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-11 06:17:18 +0000