Skip to content

Commit

Permalink
Adicionando xss_clean aos textarea (#2344)
Browse files Browse the repository at this point in the history 
Quando o cliente tentar enviar um script JS no textarea
dos campos Equipamento, Defeito e Observações
o xss_clean remove o script e adiciona a tag [removed]
Evitando assim a execução de scripts inesperados.
  • Loading branch information
@juliolobo
juliolobo authored Feb 29, 2024
1 parent 2b1d0cb commit 3c4100d
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions application/controllers/Mine.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -741,10 +741,10 @@ public function adicionarOs()
'clientes_id' => $this->session->userdata('cliente_id'), //set_value('idCliente'),
'usuarios_id' => $id, //set_value('idUsuario'),
'dataFinal' => date('Y-m-d'),
'descricaoProduto' => $this->input->post('descricaoProduto'),
'defeito' => $this->input->post('defeito'),
'descricaoProduto' => $this->security->xss_clean($this->input->post('descricaoProduto')),
'defeito' => $this->security->xss_clean($this->input->post('defeito')),
'status' => 'Aberto',
'observacoes' => set_value('observacoes'),
'observacoes' => $this->security->xss_clean(set_value('observacoes')),
'faturado' => 0,
];

Expand Down

0 comments on commit 3c4100d

Please sign in to comment.