Changeset 19418 for trunk/include/functions_metadata.inc.php
- Timestamp:
- Dec 13, 2012, 10:33:10 AM (11 years ago)
- File:
-
- 1 edited
-
trunk/include/functions_metadata.inc.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/functions_metadata.inc.php
r17748 r19418 61 61 foreach (array_keys($map, $iptc_key) as $pwg_key) 62 62 { 63 $result[$pwg_key] = $value; 63 // in case the origin of the photo is unsecure (user upload), we 64 // remove HTML tags to avoid XSS (malicious execution of 65 // javascript) 66 $result[$pwg_key] = strip_tags($value); 64 67 } 65 68 } … … 141 144 } 142 145 146 foreach ($result as $key => $value) 147 { 148 // in case the origin of the photo is unsecure (user upload), we remove 149 // HTML tags to avoid XSS (malicious execution of javascript) 150 $result[$key] = strip_tags($value); 151 } 152 143 153 return $result; 144 154 }
Note: See TracChangeset
for help on using the changeset viewer.
