From 2ad03e10354a141738f3aed183de4513789f4bbe Mon Sep 17 00:00:00 2001 From: D9ping Date: Tue, 31 Jul 2018 23:37:52 +0200 Subject: [PATCH 1/2] Fix for #210. Signed-off-by: D9ping --- includes/webconsole.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/includes/webconsole.php b/includes/webconsole.php index 101574f5..a26b0c0d 100755 --- a/includes/webconsole.php +++ b/includes/webconsole.php @@ -1,4 +1,14 @@ Date: Tue, 31 Jul 2018 23:51:15 +0200 Subject: [PATCH 2/2] Fix for #211. Signed-off-by: D9ping --- index.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/index.php b/index.php index bd6f31cb..767d30eb 100755 --- a/index.php +++ b/index.php @@ -51,10 +51,10 @@ if(!isset($_COOKIE['theme'])) { } else { $theme = $_COOKIE['theme']; } -$theme_url = 'dist/css/' . $theme; -?> - +$theme_url = 'dist/css/'.htmlspecialchars($theme, ENT_QUOTES); + +?>