projects / photo-tags.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
escape all users input strings
[photo-tags.git] / index.php
diff --git a/index.php b/index.php
index 822df79c0bc8333c3cb55183baf14b181477df92..a6112aba1ed4604d05d74d49726af0aa1c5acfd0 100644 (file)
--- a/index.php
+++ b/index.php
@@ -15,7 +15,7 @@ else
   $page = 1;
 
 if(isset($_REQUEST["tag"]))
-  $tags = $_REQUEST["tag"];
+  $tags = htmlentities($_REQUEST["tag"]);
 else
   $tags = "";
 
A small web gallery that uses the f-spot database to show pictures and tags online using php, d3.js, sqlite3 and some bash scripts.