Sanitize the module name and don't allow storing values for illegal

module names. Fixes #1898.
2026-05-20 11:29:24 -04:00 · 2012-07-21 15:42:52 -07:00
parent 27e2534016
commit 8524fba15a
2 changed files with 18 additions and 14 deletions
--- a/modules/gallery/views/admin_advanced_settings.html.php
+++ b/modules/gallery/views/admin_advanced_settings.html.php
@@ -19,7 +19,7 @@
      </tr>
      <? foreach ($vars as $var): ?>
      <tr class="setting-row <?= text::alternate("g-odd", "g-even") ?>">
-        <td> <?= $var->module_name ?> </td>
+        <td> <?= html::clean($var->module_name) ?> </td>
        <td> <?= html::clean($var->name) ?> </td>
        <td>
          <a href="<?= url::site("admin/advanced_settings/edit/$var->module_name/" . html::clean($var->name)) ?>"