updated README; sanitize script parameter in index.php; sanitize description fields of entities (thx to zerody for pointing these out)

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2022-01-18 09:29:13 +01:00
parent 4d289e2a7f
commit c97f5f1e29
10 changed files with 26 additions and 22 deletions
--- a/lib/Froxlor/Validate/Validate.php
+++ b/lib/Froxlor/Validate/Validate.php
@@ -10,6 +10,8 @@ class Validate

 	const REGEX_CONF_TEXT = '/^[^\0]*$/';

+	const REGEX_DESC_TEXT = '/^[^\0\r\n<>]*$/';
+
 	/**
 	 * Validates the given string by matching against the pattern, prints an error on failure and exits
 	 *