From b0ec6236bb55a887c2bdbeaed7200a890624da02 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 15 Aug 2016 16:55:33 +0200
Subject: [util] Also escape the print_r output when rendering HTML
---
 inc/util.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'inc/util.inc.php')
diff --git a/inc/util.inc.php b/inc/util.inc.php
index bee07765..a9ae384c 100644
--- a/inc/util.inc.php
+++ b/inc/util.inc.php
@@ -44,7 +44,7 @@ class Util
 echo "
', self::formatBacktraceHtml(debug_backtrace()), ''; echo "
";
- echo print_r($GLOBALS, true);
+ echo htmlspecialchars(print_r($GLOBALS, true));
 echo '';
 } else {
 echo <<
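Review bot: On the added line, `htmlspecialchars()` is called with default flags, and on PHP versions before 8.1 those defaults return an empty string when the input holds a byte sequence that is invalid for the charset, so one malformed request value in `$GLOBALS` can blank the whole dump. Passing the flags explicitly avoids that: `echo htmlspecialchars(print_r($GLOBALS, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. Escaping closes the markup-injection path, but the branch still prints every global, including request and server variables, into the response. The enclosing method and the condition that selects this branch are outside the hunk, so it is worth confirming that it is reachable only with a debug setting enabled.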