]> wagnertech.de Git - mfinanz.git/blobdiff - bin/mozilla/common.pl
projects / mfinanz.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Quoten von allen in regulären Ausdrücken verwendeten Variablen, die direkt oder indir...
[mfinanz.git] / bin / mozilla / common.pl
diff --git a/bin/mozilla/common.pl b/bin/mozilla/common.pl
index d006c5436e12ef8e36540b56744cebeb9c709315..473acfffc4c3b24b6847b7484461a1f1619364d5 100644 (file)
--- a/bin/mozilla/common.pl
+++ b/bin/mozilla/common.pl
@@ -578,8 +578,11 @@ sub mark_as_paid_common {
     $form->redirect($locale->text("Marked as paid"));
 }
   else {
-    my $referer = $ENV{HTTP_REFERER};
-    $referer =~ s/^(.*)action\=.*\&(.*)$/$1action\=mark_as_paid\&mark_as_paid\=1\&login\=$form->{login}\&password\=$form->{password}\&id\=$form->{id}\&$2/;
+    my $referer  =  $ENV{HTTP_REFERER};
+    my $login    =  $form->escape($form->{login});
+    my $password =  $form->escape($form->{password});
+    my $id       =  $form->escape($form->{id});
+    $referer     =~ s/^(.*)action\=.*\&(.*)$/$1action\=mark_as_paid\&mark_as_paid\=1\&login\=$login\&password\=$password\&id\=$id\&$2/;
     $form->header();
     print qq|<body>|;
     print qq|<p><b>|.$locale->text('Mark as paid?').qq|</b></p>|;
Unnamed repository; edit this file 'description' to name the repository.