From c5799618997716288169b6fbcd1251f76788cd49 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Sun, 25 Nov 2007 12:34:19 -0500
Subject: [PATCH] Fixed some potential security risks + updatedd changelog

---
 program/include/main.inc |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/program/include/main.inc b/program/include/main.inc
index 49dd2aa..f0c6030 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -1432,7 +1432,7 @@
 
   // use value from post
   if (!empty($_POST[$fname]))
-    $value = $_POST[$fname];
+    $value = get_input_value($fname, RCUBE_INPUT_POST);
 
   $out = $input->show($value);
          

--
Gitblit v1.9.1