diff options
| author | Harald Eilertsen <haraldei@anduin.net> | 2021-04-02 12:43:16 +0200 |
|---|---|---|
| committer | Harald Eilertsen <haraldei@anduin.net> | 2021-04-02 12:43:16 +0200 |
| commit | a0359acccbecbea6be0e73e0957f2ddc0e2eb941 (patch) | |
| tree | b6482a0b9b2caefdcfa376dc7eb33bf7a8cb59df | |
| parent | 65d1dcfb5ce005f7806b1c8d3e2ffbd52ffe4318 (diff) | |
| download | gigologadmin-a0359acccbecbea6be0e73e0957f2ddc0e2eb941.tar.gz gigologadmin-a0359acccbecbea6be0e73e0957f2ddc0e2eb941.tar.bz2 gigologadmin-a0359acccbecbea6be0e73e0957f2ddc0e2eb941.zip | |
Sanitize input in AdminPage::get_concerts.
| -rw-r--r-- | includes/admin/views/giglog_admin_page.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/includes/admin/views/giglog_admin_page.php b/includes/admin/views/giglog_admin_page.php index b99c95e..0f8df53 100644 --- a/includes/admin/views/giglog_admin_page.php +++ b/includes/admin/views/giglog_admin_page.php @@ -100,10 +100,10 @@ if ( !class_exists( 'GiglogAdmin_AdminPage' ) ) { <th>STATUS</th></tr>'; // Use the submitted "city" if any. Otherwise, use the default/static value. - $cty = filter_input( INPUT_POST, 'selectcity' ); + $cty = filter_input( INPUT_POST, 'selectcity', FILTER_SANITIZE_SPECIAL_CHARS ); $cty = $cty ? $cty: 'ALL'; - $venue = filter_input( INPUT_POST, 'selectvenue' ); + $venue = filter_input( INPUT_POST, 'selectvenue', FILTER_SANITIZE_SPECIAL_CHARS ); $venue = $venue ? $venue : '0'; |