yetangitu/Oinktube
1
0
Fork 0
mirror of https://github.com/DanielnetoDotCom/YouPHPTube synced 2025-10-06 03:50:04 +02:00
Code Issues Releases Wiki Activity

XSS vulnerability fix , thanks Max Boll

Browse source
This commit is contained in:
Daniel 2022-03-13 11:01:29 -03:00
parent 3722335f80
commit f6f372f1f4
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
objects/functions.php
View file

@ -5798,7 +5798,7 @@ function getDeviceID($useRandomString = true) {
$device
);
$device .= '-' . intval(User::getId());
return preg_replace($pattern, '', $device);
return preg_replace($pattern, '-', $device);
}
$cookieName = "yptDeviceID";
@ -5818,7 +5818,7 @@ function getDeviceID($useRandomString = true) {
}
$_COOKIE[$cookieName] = $_GET[$cookieName];
}
return preg_replace($pattern, '', $_COOKIE[$cookieName]);
return preg_replace($pattern, '-', $_COOKIE[$cookieName]);
}
function deviceIdToObject($deviceID) {