bug 1412: by the way... secure the whois call better bug-1412
authorFelix Dörre <felix@dogcraft.de>
Tue, 23 Feb 2016 20:57:11 +0000 (21:57 +0100)
committerFelix Dörre <felix@dogcraft.de>
Tue, 23 Feb 2016 20:57:11 +0000 (21:57 +0100)
includes/account.php

index 5d45602..1977037 100644 (file)
@@ -577,7 +577,7 @@ function buildSubjectFromSession() {
                $addy = array();
                $adds = array();
                if(strtolower(substr($newdom, -4, 3)) != ".jp")
-                       $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
+                       $adds = explode("\n", trim(`/usr/bin/whois -- $newdom|grep "@"`));
                if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
                {
                        if(is_array($adds))