Change stripslashes to strip_tags for better html sanitization

Marcus Hill 2023-01-02 19:28:24 +00:00
parent 24f825ca08
commit a66b6052df
1 changed files with 1 additions and 1 deletions


@ -119,7 +119,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
<div class="row">
<div class="col-sm-4">
<div class="input-group">
<input type="search" class="form-control" name="query" value="<?php if(isset($query)){echo stripslashes(htmlentities($query));} ?>" placeholder="Search Clients" autofocus>
<input type="search" class="form-control" name="query" value="<?php if(isset($query)){echo strip_tags(htmlentities($query));} ?>" placeholder="Search Clients" autofocus>
<div class="input-group-append">
<button class="btn btn-secondary" type="button" data-toggle="collapse" data-target="#advancedFilter"><i class="fas fa-filter"></i></button>
<button class="btn btn-primary"><i class="fa fa-search"></i></button>
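Review bot: On the changed `value=` line, `strip_tags()` runs after `htmlentities()`, so it never sees a literal `<` or `>` and removes nothing; the entity encoding alone protects the attribute, and the new call adds no sanitization. The encoding for this double-quoted attribute is better made explicit, e.g. `echo htmlentities($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, because the default flags differ between PHP versions. If `$query` is escaped for SQL before this point (not visible in the hunk), dropping `stripslashes()` will also make backslashes appear in the search box. In that case the raw value should be kept for display and the escaped one used only in the query, or the query moved to a prepared statement.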