security improved for some pages with strip_tags of

author: Filip Komar <filip@mageia.org> 2014-01-10 20:16:39 +0000
committer: Filip Komar <filip@mageia.org> 2014-01-10 20:16:39 +0000
commit: 4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f (patch)
tree: 4a57df1895b89fe6ac4dcc2c534c7f4e28d691a0 /langs/missing.php
parent: e861636e2f1c43ba899c265bcae30bbaefa2fe60 (diff)
download: www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar
www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.gz
www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.bz2
www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.xz
www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/langs/missing.php b/langs/missing.php
index 03b6cd698..c8f5a4705 100644
--- a/langs/missing.php
+++ b/langs/missing.php
@@ -2,8 +2,8 @@
 /**
 */
 
-$s = isset($_GET['s']) ? trim($_GET['s']) : null;
-$l = isset($_GET['l']) ? trim($_GET['l']) : null;
+$s = isset($_GET['s']) ? strip_tags(trim($_GET['s'])) : null;
+$l = isset($_GET['l']) ? strip_tags(trim($_GET['l'])) : null;
 
 if (is_null($s)) {
     header('Location: /langs/report.php');
author	Filip Komar <filip@mageia.org>	2014-01-10 20:16:39 +0000
committer	Filip Komar <filip@mageia.org>	2014-01-10 20:16:39 +0000
commit	4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f (patch)
tree	4a57df1895b89fe6ac4dcc2c534c7f4e28d691a0 /langs/missing.php
parent	e861636e2f1c43ba899c265bcae30bbaefa2fe60 (diff)
download	www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.gz www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.bz2 www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.tar.xz www-4226ef6f206ce7a5d81b3f04b85d4b47937a0f0f.zip