authorArun Persaud <arun@nubati.net>2011-11-26 22:20:22 -0800
committerArun Persaud <apersaud@lbl.gov>2011-11-26 22:20:22 -0800
commit629e06724cde4ecd8d1e30fa04567cc1960410c5 (patch)
tree9f971aafea48b11bb5868086cc22ebd05f896c17 /index.php
parent197867206e97f0b8d85cff0ef7f1bf88a33fd7aa (diff)
escape all users input strings
use intval for integers or sqlite_escape_string for strings
Diffstat (limited to 'index.php')
-rw-r--r--index.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/index.php b/index.php
index 822df79..a6112ab 100644
--- a/index.php
+++ b/index.php
@@ -15,7 +15,7 @@ else
$page = 1;
if(isset($_REQUEST["tag"]))
- $tags = $_REQUEST["tag"];
+ $tags = htmlentities($_REQUEST["tag"]);
else
$tags = "";
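Review bot: `htmlentities()` on the new `$tags` line is HTML output encoding, not the SQL escaping the commit message describes, and with the default flags of PHP versions current at the time of this commit (`ENT_COMPAT`) it leaves single quotes untouched. If `$tags` is later placed into a SQLite query (the rest of index.php is outside this hunk, so this is inferred), the value is still not safe inside a quoted SQL string, and encoding at input also means tags containing `&` or accented characters are stored and compared in their entity form. Keeping the raw value here and escaping per context is the safer shape: `$tags = is_string($_REQUEST["tag"]) ? $_REQUEST["tag"] : "";`, then `sqlite_escape_string($tags)` where the query is built and `htmlentities($tags, ENT_QUOTES, "UTF-8")` where the tag is echoed. The `is_string` check also covers a `tag[]=` request, which would otherwise pass an array to `htmlentities()`.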