called htmlspeciallchars() to escape a file import error message

This commit is contained in:
hyung-hwan 2015-08-16 13:08:22 +00:00
parent cf532ebaf9
commit a696b3be30

View File

@ -102,7 +102,7 @@ class Code extends Controller
if (count($import_files) > 0 && $this->subversion->importFiles ($projectid, $path, $login['id'], $post_new_message, $import_files, $this->upload) === FALSE)
{
$popup_error_message = '<pre>' . $this->subversion->import_files_errmsg . '</pre>';
$popup_error_message = '<pre>' . htmlspecialchars($this->subversion->import_files_errmsg) . '</pre>';
}
else
{