mirror of
https://github.com/silverstripe/silverstripe-userforms.git
synced 2024-10-22 15:05:42 +00:00
MINOR - Added escaping for values passed by url params
This commit is contained in:
marcokernler
parent
e24e9b4245
commit
ab7e53fb6f
@ -407,7 +407,7 @@ class UserDefinedForm_Controller extends Page_Controller {
|
||||
|
||||
// set the values passed by the url to the field
|
||||
$request = $this->getRequest();
|
||||
$value = $request->getVar($field->name);
|
||||
$value = Convert::raw2att($request->getVar($field->name));
|
||||
if(isset($value)) $field->value = $value;
|
||||
|
||||
$fields->push($field);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user