Removed some more potential XSS problems.

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@2826 c91229c3-7414-0410-bfa2-8a42b809f60b

Removed some more potential XSS problems.
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@2826 c91229c3-7414-0410-bfa2-8a42b809f60b
andrew
1 parent b0c4d672
Showing 2 changed files with 3 additions and 3 deletions
presentation/lookAndFeel/knowledgeTree/create.php
presentation/lookAndFeel/knowledgeTree/store.php
@@ -98,7 +98,7 @@ if ($oObject-&gt;create()) {
  
 //redirect the user
 if (isset($fRedirectURL)) {
-	redirect(urldecode($fRedirectURL) . $oObject->iId . "&fSuccess=" . $bSuccess);
+	redirect(strip_tags(urldecode($fRedirectURL)) . $oObject->iId . "&fSuccess=" . $bSuccess);
 } else {
 	redirect("$default->rootUrl/control.php");
 }
@@ -42,6 +42,6 @@ if (count($_POST) &gt; 0) {
 		$sql = $default->db;
 		$sql->query($aQueries[$i]);
 	}
-	redirect(urldecode($fReturnURL));
+	redirect(strip_tags(urldecode($fReturnURL)));
 }
-?>
 \ No newline at end of file
+?>