author | Jim Hu <jimhu@users.sourceforge.net> | 2007-05-16 22:20:47 +0000 |
---|---|---|
committer | Jim Hu <jimhu@users.sourceforge.net> | 2007-05-16 22:20:47 +0000 |
commit | 6d325063ea9a71890596b95871bde04797fd2c3d (patch) | |
tree | 29b72e5337ae9f53bbc0bfd553d43e55880aeef2 /functions/init.inc.php | |
parent | 2f80cc0fecd6a2f495a6cc843c36c7d5e0dc8565 (diff) | |
download | phpicalendar-6d325063ea9a71890596b95871bde04797fd2c3d.tar.gz phpicalendar-6d325063ea9a71890596b95871bde04797fd2c3d.tar.bz2 phpicalendar-6d325063ea9a71890596b95871bde04797fd2c3d.zip |
fix xss vulnerability by adding sanitizer for input vars from post, get, cookie, request
Diffstat (limited to 'functions/init.inc.php')
-rw-r--r-- | functions/init.inc.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/functions/init.inc.php b/functions/init.inc.php
index 96dc27b..619dfa5 100644
--- a/functions/init.inc.php
+++ b/functions/init.inc.php
@@ -14,6 +14,7 @@ $ALL_CALENDARS_COMBINED = 'all_calendars_combined971';
 // Pull in the configuration and some functions.
 if (!defined('BASE')) define('BASE', './');
 include_once(BASE.'config.inc.php');
+include_once(BASE.'functions/sanitize.php');
 $cookie_name = 'phpicalendar_'.basename($default_path);
 if (isset($_COOKIE["$cookie_name"]) && !isset($_POST['unset'])) { |
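Review bot: The added `include_once(BASE.'functions/sanitize.php');` fails open: if the file is missing or unreadable, `include_once` only raises a warning, and the rest of init.inc.php, including the `$_COOKIE` and `$_POST` handling on the next lines, runs without the sanitizer. Since this include is the whole XSS fix, `require_once(BASE.'functions/sanitize.php');` would halt the request instead of continuing unprotected. The hunk does not show whether sanitize.php rewrites the superglobals when loaded or only defines helper functions; if it only defines helpers, this line changes nothing until they are called. A comment such as `// Must be loaded before any $_GET/$_POST/$_COOKIE/$_REQUEST access below` would record the ordering dependency. Note also that config.inc.php is included before the sanitizer, so any request data it reads (not visible here) would still be unfiltered.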