diff options
Diffstat (limited to 'langs')
-rw-r--r-- | langs/diff.php | 6 | ||||
-rw-r--r-- | langs/missing.php | 4 |
2 files changed, 5 insertions, 5 deletions
diff --git a/langs/diff.php b/langs/diff.php index ccc7f6416..117d38a9e 100644 --- a/langs/diff.php +++ b/langs/diff.php @@ -4,8 +4,8 @@ * against matching file in language 'l', if it exists. */ -$source_file = isset($_GET['s']) ? trim($_GET['s']) : null; -$target_lang = isset($_GET['l']) ? trim($_GET['l']) : null; +$source_file = isset($_GET['s']) ? strip_tags(trim($_GET['s'])) : null; +$target_lang = isset($_GET['l']) ? strip_tags(trim($_GET['l'])) : null; if (is_null($source_file) || is_null($target_lang)) { @@ -113,7 +113,7 @@ header('Content-Type: text/html;charset=utf-8'); </style> </head> <body> - <?php echo $s; ?> + <?php echo $s; $test_1 = TRUE; $test = strip_tags($test_1); echo '1. test: ' . $test; ?> <hr> </body> </html> diff --git a/langs/missing.php b/langs/missing.php index 03b6cd698..c8f5a4705 100644 --- a/langs/missing.php +++ b/langs/missing.php @@ -2,8 +2,8 @@ /** */ -$s = isset($_GET['s']) ? trim($_GET['s']) : null; -$l = isset($_GET['l']) ? trim($_GET['l']) : null; +$s = isset($_GET['s']) ? strip_tags(trim($_GET['s'])) : null; +$l = isset($_GET['l']) ? strip_tags(trim($_GET['l'])) : null; if (is_null($s)) { header('Location: /langs/report.php'); |