fixes #568

Signed-off-by: Valerian Saliou <valerian@valeriansaliou.name>
author: Valerian Saliou <valerian@valeriansaliou.name> 2015-11-18 18:41:40 +0300
committer: Valerian Saliou <valerian@valeriansaliou.name> 2015-11-18 18:41:40 +0300
commit: 76435a08547cd86bc7f89e89349f8bb6823472cf (patch)
tree: 044e7e49917be808fe439ed971b429b56d794029
parent: a30c8bb084a5f9ea27e2dcf816ec3cda15b2ea78 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/server/functions.php b/server/functions.php
index 7706beca..7939f2ff 100644
--- a/server/functions.php
+++ b/server/functions.php
@@ -1077,7 +1077,7 @@ function keepGet($current, $no_get) {
     foreach($sanitized as &$get_var) {
         $get_var = preg_replace_callback(
             '/^(.*=)(.+)$/',
-            function($m) { $data = urldecode($m[2]); return '&' . $m[1] . urlencode($data); },
+            function($m) { $data = htmlentities(urldecode($m[2])); return '&' . htmlentities($m[1]) . urlencode($data); },
             $get_var
         );
     }
author	Valerian Saliou <valerian@valeriansaliou.name>	2015-11-18 18:41:40 +0300
committer	Valerian Saliou <valerian@valeriansaliou.name>	2015-11-18 18:41:40 +0300
commit	76435a08547cd86bc7f89e89349f8bb6823472cf (patch)
tree	044e7e49917be808fe439ed971b429b56d794029
parent	a30c8bb084a5f9ea27e2dcf816ec3cda15b2ea78 (diff)