Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-03-04 19:41:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

closes #3297

Browse Source
This commit is contained in:
Julian Lam
2015-07-06 15:06:03 -04:00
parent ffd22f50ff
commit da1c347fc2
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/middleware/middleware.js
View File

@@ -274,7 +274,7 @@ middleware.renderHeader = function(req, res, callback) {
templateValues.linkTags = results.tags.link;
templateValues.isAdmin = results.user.isAdmin;
templateValues.user = results.user;
templateValues.userJSON = JSON.stringify(results.user).replace(/'/g, "\\'");
templateValues.userJSON = JSON.stringify(results.user);
templateValues.customCSS = results.customCSS;
templateValues.customJS = results.customJS;
templateValues.maintenanceHeader = parseInt(meta.config.maintenanceMode, 10) === 1 && !results.isAdmin;

3
src/user.js
View File

@@ -3,6 +3,7 @@
var async = require('async'),
nconf = require('nconf'),
gravatar = require('gravatar'),
validator = require('validator'),
plugins = require('./plugins'),
db = require('./database'),
@@ -111,6 +112,8 @@ var async = require('async'),
return;
}
user.username = validator.escape(user.username);
if (user.password) {
user.password = undefined;
}