From b0ec6236bb55a887c2bdbeaed7200a890624da02 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 15 Aug 2016 16:55:33 +0200
Subject: [util] Also escape the print_r output when rendering HTML
---
 inc/util.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'inc/util.inc.php')
diff --git a/inc/util.inc.php b/inc/util.inc.php
index bee07765..a9ae384c 100644
--- inc/util.inc.php
+++ b/inc/util.inc.php
@@ -44,7 +44,7 @@ class Util
 echo "

Stack Trace

"; echo '
', self::formatBacktraceHtml(debug_backtrace()), '
'; echo "

Globals

";
-			echo print_r($GLOBALS, true);
+			echo htmlspecialchars(print_r($GLOBALS, true));
 			echo '
'; } else { echo <<
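Review bot: The new `htmlspecialchars()` call on the Globals dump relies on the default flags and charset, so on PHP 5.4 and later a single invalid UTF-8 byte anywhere in `$GLOBALS` makes it return an empty string and the whole dump silently disappears. Passing the arguments explicitly avoids that and also escapes single quotes: `echo htmlspecialchars(print_r($GLOBALS, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. Separately, this branch still prints every global to the browser, which would include request data and any credentials or configuration secrets held in globals. The condition guarding the branch is outside the hunk, so confirm it is limited to a debug mode that cannot be enabled in production.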