fix(admin): escape stored player values in admin templates [#139] (#272)

This commit is contained in:
Ferywir
2026-06-23 21:00:51 +02:00
committed by GitHub
parent 90c5cdd97c
commit c0bbf2bfbe
12 changed files with 19 additions and 19 deletions
+1 -1
View File
@@ -34,7 +34,7 @@ if(isset($_GET['uid']))
<table id="member" style="width:300px;">
<thead>
<tr>
<th colspan="2">Edit <?php echo $player['username']; ?>'s access</th>
<th colspan="2">Edit <?php echo htmlspecialchars($player['username']); ?>'s access</th>
</tr>
<tr>
<td></td>