diff options
| author | diosmosis <diosmosis@users.noreply.github.com> | 2019-01-29 08:05:26 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-29 08:05:26 +0300 |
| commit | c826e18dd078296a97f0ad86167a8d6b15406964 (patch) | |
| tree | fd4dcabe63eb076c8638cb101aba5f4cd45fe4a2 /core/Filechecks.php | |
| parent | 75cf2d2314533cffcaa4333f0566991a4ba15307 (diff) | |
Set isHtmlMessage for more exceptions. (#14024)
* Set isHtmlMessage for more exceptions.
* Escaping file names.
Diffstat (limited to 'core/Filechecks.php')
| -rw-r--r-- | core/Filechecks.php | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/core/Filechecks.php b/core/Filechecks.php index 9cf8d45199..9da1beac5f 100644 --- a/core/Filechecks.php +++ b/core/Filechecks.php @@ -132,9 +132,9 @@ class Filechecks You can try to execute:<br />"; } else { $message .= "For example, on a GNU/Linux server if your Apache httpd user is " - . self::getUser() + . Common::sanitizeInputValue(self::getUser()) . ", you can try to execute:<br />\n" - . "<code>chown -R ". self::getUserAndGroup() ." " . $path . "</code><br />"; + . "<code>chown -R ". Common::sanitizeInputValue(self::getUserAndGroup()) ." " . Common::sanitizeInputValue($path) . "</code><br />"; } $message .= self::getMakeWritableCommand($path); @@ -179,8 +179,9 @@ class Filechecks */ private static function getMakeWritableCommand($realpath) { + $realpath = Common::sanitizeInputValue($realpath); if (SettingsServer::isWindows()) { - return "<code>cacls $realpath /t /g " . self::getUser() . ":f</code><br />\n"; + return "<code>cacls $realpath /t /g " . Common::sanitizeInputValue(self::getUser()) . ":f</code><br />\n"; } return "<code>chmod -R 0755 $realpath</code><br />"; } |