From 5f25780550248a0d9982421015dfec69dc776e22 Mon Sep 17 00:00:00 2001
From: root <root@www.cacert.org>
Date: Mon, 24 Nov 2008 20:49:26 +0000
Subject: [PATCH] Added XSS prevention

---
 www/api/edu.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/www/api/edu.php b/www/api/edu.php
index d31fbb5..27b7b1b 100644
--- a/www/api/edu.php
+++ b/www/api/edu.php
@@ -27,12 +27,12 @@
     $query= mysql_query($sql); 
     if(mysql_num_rows($query) != 1)
     {
-      echo "NOT FOUND: $sql";
+      echo "NOT FOUND: ".sanitizeHTML($sql);
     }
     else
     {
       $memid = mysql_fetch_assoc($query);
-      echo $memid['memid'];
+      echo sanitizeHTML($memid['memid']);
     }
   }
   else