Added XSS prevention

pull/1/head
root 15 years ago
parent 16d7b35bae
commit 31c57ef051

@ -23,7 +23,7 @@
$s = mysql_real_escape_string($_REQUEST['s']);
$id = mysql_real_escape_string(strip_tags($_REQUEST['id']));
echo "parent._ac_rpc('$id',";
echo "parent._ac_rpc('".sanitizeHTML($id)."',";
$bits = explode(",", $s);

Loading…
Cancel
Save