diff options
| author | Michal Čihař <michal@cihar.com> | 2016-06-17 15:29:57 +0300 |
|---|---|---|
| committer | Michal Čihař <michal@cihar.com> | 2016-06-17 15:30:36 +0300 |
| commit | 94cf3864254ffaf3a69e97d8fc454888368b94ab (patch) | |
| tree | 68b92afac3b7c0f34f8c0a54a114cfb482ee42f8 /examples | |
| parent | 1363ce574974ad6971f552a30b6b05f48dc80392 (diff) | |
Escape error messages from OpenID
Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'examples')
| -rw-r--r-- | examples/openid.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/examples/openid.php b/examples/openid.php index ab7707f538..a15189b37a 100644 --- a/examples/openid.php +++ b/examples/openid.php @@ -111,7 +111,7 @@ try { $o = new OpenID_RelyingParty($returnTo, $realm, $identifier); } catch (Exception $e) { $contents = "<div class='relyingparty_results'>\n"; - $contents .= "<pre>" . $e->getMessage() . "</pre>\n"; + $contents .= "<pre>" . htmlspecialchars($e->getMessage()) . "</pre>\n"; $contents .= "</div class='relyingparty_results'>"; Show_page($contents); exit; @@ -121,9 +121,9 @@ try { if (isset($_POST['start'])) { try { $authRequest = $o->prepare(); - } catch (OpenID_Exception $e) { + } catch (Exception $e) { $contents = "<div class='relyingparty_results'>\n"; - $contents .= "<pre>" . $e->getMessage() . "</pre>\n"; + $contents .= "<pre>" . htmlspecialchars($e->getMessage()) . "</pre>\n"; $contents .= "</div class='relyingparty_results'>"; Show_page($contents); exit; |