Commit affe0648 authored by Ben Cooksley's avatar Ben Cooksley
Browse files

Fix POST escaping issues

parent 51a968f0
......@@ -260,8 +260,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && $action == 'finishreset') {
$timelimit = validate($_POST['lock']);
$ldapdata = array();
$message = array();
$password = validate($_POST['new_password']);
$password_confirm = validate($_POST['repeated_password']);
$password = validate(get_post('new_password'));
$password_confirm = validate(get_post('repeated_password'));
/* Do the password fields match? */
if ($password != $password_confirm) {
......
......@@ -216,8 +216,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['create'])){
$givenName = validate($_POST['givenName']);
$lastName = validate($_POST['sn']);
$email = validate($_POST['mail']);
$password = $_POST['new_password'];
$password_confirm = $_POST['repeated_password'];
$password = get_post('new_password');
$password_confirm = get_post('repeated_password');
/* Validate the data */
if ($givenName == "") {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment