diff options
| author | friendica <info@friendica.com> | 2013-08-25 20:11:49 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2013-08-25 20:11:49 -0700 |
| commit | 754611738865eacba7f4acc235c03bad85dfa2c3 (patch) | |
| tree | 5530216b5ac1598c0888993f617fb2292386a776 /include/zot.php | |
| parent | df3cf811f044fe49173ea4b1b9d19bcdff76bc26 (diff) | |
| download | volse-hubzilla-754611738865eacba7f4acc235c03bad85dfa2c3.tar.gz volse-hubzilla-754611738865eacba7f4acc235c03bad85dfa2c3.tar.bz2 volse-hubzilla-754611738865eacba7f4acc235c03bad85dfa2c3.zip | |
Try to ensure full paths don't leak into xchan_addr and hubloc_addr
Diffstat (limited to 'include/zot.php')
| -rw-r--r-- | include/zot.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/zot.php b/include/zot.php index c7049dee6..051fa5078 100644 --- a/include/zot.php +++ b/include/zot.php @@ -138,7 +138,7 @@ function zot_finger($webbie,$channel) { $r = q("select xchan.*, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash where xchan_addr = '%s' and (hubloc_flags & %d) limit 1", - dbesc($xchan_address), + dbesc($xchan_addr), intval(HUBLOC_FLAGS_PRIMARY) ); |