Chapril/xmpp.chapril.org-ejabberd
25
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-11-22 16:20:52 +01:00
Code Releases Activity

Escape user input in mod_privacy_odbc (EJAB-1442)

Browse Source
This commit is contained in:
Badlop 2011-04-26 20:35:25 +02:00
parent 9b145385af
commit 3952888f94
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/mod_privacy_odbc.erl
View File

@ -751,9 +751,9 @@ item_to_raw(#listitem{type = Type,
none ->
{"n", ""};
jid ->
{"j", jlib:jid_to_string(Value)};
{"j", ejabberd_odbc:escape(jlib:jid_to_string(Value))};
group ->
{"g", Value};
{"g", ejabberd_odbc:escape(Value)};
subscription ->
case Value of
none ->