badmanners/shimmie2
badmanners/shimmie2
Archived
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

don't assume exception messages are html

Browse source
This commit is contained in:
Shish 2024-09-04 23:55:53 +01:00 committed by Shish
parent 12a8747020
commit bda801054d
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
core/polyfills.php
View file

@ -648,7 +648,7 @@ function validate_input(array $inputs): array
$outputs[$key] = $value; $outputs[$key] = $value;
} elseif (in_array('user_class', $flags)) { } elseif (in_array('user_class', $flags)) {
if (!array_key_exists($value, UserClass::$known_classes)) { if (!array_key_exists($value, UserClass::$known_classes)) {
throw new InvalidInput("Invalid user class: ".html_escape($value)); throw new InvalidInput("Invalid user class: $value");
} }
$outputs[$key] = $value; $outputs[$key] = $value;
} elseif (in_array('email', $flags)) { } elseif (in_array('email', $flags)) {
@ -658,7 +658,7 @@ function validate_input(array $inputs): array
} elseif (in_array('int', $flags)) { } elseif (in_array('int', $flags)) {
$value = trim($value); $value = trim($value);
if (empty($value) || !is_numeric($value)) { if (empty($value) || !is_numeric($value)) {
throw new InvalidInput("Invalid int: ".html_escape($value)); throw new InvalidInput("Invalid int: $value");
} }
$outputs[$key] = (int)$value; $outputs[$key] = (int)$value;
} elseif (in_array('bool', $flags)) { } elseif (in_array('bool', $flags)) {