From: sunil <esunil.pawar@gmail.com>
Date: Fri, 31 Jul 2015 10:57:53 +0000 (+0530)
Subject: security fix
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=4c68cf7b2195a91cf610586a2dd7c5aa8aa0502e;p=civicrm-core.git

security fix
---

diff --git a/CRM/Contact/Page/AJAX.php b/CRM/Contact/Page/AJAX.php
index b2d2ed0c07..5c6589f34a 100644
--- a/CRM/Contact/Page/AJAX.php
+++ b/CRM/Contact/Page/AJAX.php
@@ -336,7 +336,7 @@ class CRM_Contact_Page_AJAX {
     }
 
     $config = CRM_Core_Config::singleton();
-    $username = trim(CRM_Utils_Type::escape($_REQUEST['cms_name'], 'String'));
+    $username = trim(CRM_Utils_Array::value('cms_name', $_REQUEST));
 
     $params = array('name' => $username);
 
diff --git a/CRM/Core/Error.php b/CRM/Core/Error.php
index 49bfe0b137..b5fe44a2c9 100644
--- a/CRM/Core/Error.php
+++ b/CRM/Core/Error.php
@@ -335,7 +335,7 @@ class CRM_Core_Error extends PEAR_ErrorStack {
     if (php_sapi_name() == "cli") {
       print ("Sorry. A non-recoverable error has occurred.\n$message \n$code\n$email\n\n");
       // Fix for CRM-16899
-      //debug_print_backtrace();
+      echo static::formatBacktrace(debug_backtrace());
       die("\n");
       // FIXME: Why doesn't this call abend()?
       // Difference: abend() will cleanup transaction and (via civiExit) store session state