ivuorinen/xkcd-Mailer
1
0
Fork 0
mirror of https://github.com/ivuorinen/xkcd-Mailer.git synced 2026-01-26 03:04:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix snyk reported XSS vulnerabilities

Browse Source
This commit is contained in:
Ismo Vuorinen
2021-12-20 13:21:35 +02:00
parent 04186912b3
commit ca885ef899
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
xkcd-mailer.php
View File

@@ -99,22 +99,25 @@ if ($current > $last) {
if ($send) { if ($send) {
mail($mail, $subject, $msg, $headers); mail($mail, $subject, $msg, $headers);
} else { } else {
echo $msg . "\n\n"; echo htmlspecialchars($msg, ENT_QUOTES) . "\n\n";
} }
$file_write_result = file_put_contents($lastfile, $current); $file_write_result = file_put_contents($lastfile, $current);
if (! $file_write_result) { if (! $file_write_result) {
echo "Error writing to file: $lastfile\n"; echo htmlspecialchars("Error writing to file: $lastfile\n", ENT_QUOTES);
exit(1); exit(1);
} }
if ($debug) { if ($debug) {
echo "New last is $current (was $last)\n"; echo htmlspecialchars("New last is $current (was $last)\n", ENT_QUOTES);
} }
exit(0); exit(0);
} }
if ($debug) { if ($debug) {
echo sprintf("No new XKCD: last=%d current=%d\n", $last, $current); echo htmlspecialchars(
sprintf("No new XKCD: last=%d current=%d\n", $last, $current),
ENT_QUOTES
);
} }