githubFork/roundcubemail.git

githubFork / roundcubemail

Roundcubemail devel

summary
reflog
commits
tree
docs
forks
compare

parent: 6f079094 | patch | commit | ignore whitespace

prevent unwanted code execution via CURLOPT_POSTFIELDS (again)

Till Krüss

2014-02-12 dc52ae0b02caa379a16715cba1554b2494498cb7

prevent unwanted code execution via CURLOPT_POSTFIELDS (again)

1 files modified

plugins/password/drivers/domainfactory.php

2 ●●●●● patch | view | raw | blame | history

 plugins/password/drivers/domainfactory.php

@@ -51,7 +51,7 @@

                // change password
                $ch = curl_copy_handle($ch);
                curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
                curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postfields));
                if ($result = curl_exec($ch)) {

                    // has the password been changed?

			@@ -51,7 +51,7 @@

			// change password
			$ch = curl_copy_handle($ch);
			curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
			curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postfields));
			if ($result = curl_exec($ch)) {

			// has the password been changed?