From 6d325063ea9a71890596b95871bde04797fd2c3d Mon Sep 17 00:00:00 2001 From: Jim Hu Date: Wed, 16 May 2007 22:20:47 +0000 Subject: fix xss vulnerability by adding sanitizer for input vars from post, get, cookie, request --- functions/init.inc.php | 1 + 1 file changed, 1 insertion(+) (limited to 'functions/init.inc.php') diff --git a/functions/init.inc.php b/functions/init.inc.php index 96dc27b..619dfa5 100644 --- a/functions/init.inc.php +++ b/functions/init.inc.php @@ -14,6 +14,7 @@ $ALL_CALENDARS_COMBINED = 'all_calendars_combined971'; // Pull in the configuration and some functions. if (!defined('BASE')) define('BASE', './'); include_once(BASE.'config.inc.php'); +include_once(BASE.'functions/sanitize.php'); $cookie_name = 'phpicalendar_'.basename($default_path); if (isset($_COOKIE["$cookie_name"]) && !isset($_POST['unset'])) { -- cgit v1.2.3