From: Alexander Ebert Date: Sat, 26 Sep 2015 21:13:02 +0000 (+0200) Subject: Properly remove bad characters from subject X-Git-Tag: 2.1.8~32 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=3c4bef0f5ae67647fa94a14b03beaca688d1b779;p=GitHub%2FWoltLab%2FWCF.git Properly remove bad characters from subject --- diff --git a/wcfsetup/install/files/lib/form/MessageForm.class.php b/wcfsetup/install/files/lib/form/MessageForm.class.php index 9da2da41d1..2c84625a35 100644 --- a/wcfsetup/install/files/lib/form/MessageForm.class.php +++ b/wcfsetup/install/files/lib/form/MessageForm.class.php @@ -197,7 +197,7 @@ abstract class MessageForm extends AbstractCaptchaForm { public function readFormParameters() { parent::readFormParameters(); - if (isset($_POST['subject'])) $this->subject = StringUtil::trim($_POST['subject']); + if (isset($_POST['subject'])) $this->subject = StringUtil::trim(MessageUtil::stripCrap($_POST['subject'])); if (isset($_POST['text'])) $this->text = StringUtil::trim(MessageUtil::stripCrap($_POST['text'])); // settings