Skip to content

Commit 3c216d9

Browse files
tomonormantomonorman
committed
DP-542 Fix email sanitization issues
1 parent 777589a commit 3c216d9

1 file changed

Lines changed: 5 additions & 5 deletions

File tree

src/Components/Registrar.php

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -122,12 +122,12 @@ protected static function sendConfirmation($user, $emailServiceId, $emailTemplat
122122
'link' => url(\Config::get('df.confirm_register_url')) .
123123
'?code=' . $user->confirm_code .
124124
'&email=' . $email .
125-
'&username=' . $user->username,
126-
'first_name' => $user->first_name,
127-
'last_name' => $user->last_name,
128-
'name' => $user->name,
125+
'&username=' . strip_tags($user->username),
126+
'first_name' => strip_tags($user->first_name),
127+
'last_name' => strip_tags($user->last_name),
128+
'name' => strip_tags($user->name),
129129
'email' => $user->email,
130-
'phone' => $user->phone,
130+
'phone' => strip_tags($user->phone),
131131
'content_header' => array_get($templateData, 'subject', 'Confirm your DreamFactory account.'),
132132
'app_name' => \Config::get('app.name'),
133133
'instance_name' => \Config::get('app.name'), // older templates

0 commit comments

Comments
 (0)