Fixed XSS

2007-07-03 19:53:34 +00:00 · 2007-07-03 19:53:34 +00:00 · 1ce6bd6439
commit 1ce6bd6439
parent e9bddc7c28
1 changed files with 4 additions and 4 deletions
--- a/pages/account/54.php
+++ b/pages/account/54.php
@ -70,11 +70,11 @@
  </tr>
  <tr>
    <td class="DataTD"><?=_("Longitude")?>:</td>
-    <td class="DataTD"><input type="text" name="longitude" value="<?=$_REQUEST['longitude']?>"></td>
+    <td class="DataTD"><input type="text" name="longitude" value="<?=sanitizeHTML($_REQUEST['longitude'])?>"></td>
  </tr>
  <tr>
    <td class="DataTD"><?=_("Latitude")?>:</td>
-    <td class="DataTD"><input type="text" name="latitude" value="<?=$_REQUEST['latitude']?>"></td>
+    <td class="DataTD"><input type="text" name="latitude" value="<?=sanitizeHTML($_REQUEST['latitude'])?>"></td>
  </tr>
  <tr>
    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
@ -106,11 +106,11 @@
  </tr>
  <tr>
    <td class="DataTD"><?=_("Longitude")?>:</td>
-    <td class="DataTD"><input type="text" name="longitude" value="<?=$_REQUEST['longitude']?>"></td>
+    <td class="DataTD"><input type="text" name="longitude" value="<?=sanitizeHTML($_REQUEST['longitude'])?>"></td>
  </tr>
  <tr>
    <td class="DataTD"><?=_("Latitude")?>:</td>
-    <td class="DataTD"><input type="text" name="latitude" value="<?=$_REQUEST['latitude']?>"></td>
+    <td class="DataTD"><input type="text" name="latitude" value="<?=sanitizeHTML($_REQUEST['latitude'])?>"></td>
  </tr>
  <tr>
    <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>