From 97f53f33627a922f92796648108c50411a55401c Mon Sep 17 00:00:00 2001
From: TheMrNomis
Date: Thu, 24 Mar 2016 10:47:03 +0100
Subject: [PATCH] security
---
 eventAdded.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/eventAdded.php b/eventAdded.php
index 16627ff..57e43b9 100644
--- a/eventAdded.php
+++ b/eventAdded.php
@@ -10,10 +10,11 @@ $localisation = htmlentities($_POST['address']);
 $dtstart = strtotime($_POST['dtstart']);
 $dtend = strtotime($_POST['dtend']);
 $description = htmlentities($_POST['description']);
-$url = $_POST['site'];
-$urlImage = $_POST['urlImage'];
-$contact = $_POST['contact'];
-$catArray = $_POST['chk_group'];
+$url = htmlspecialchars($_POST['site']);
+$urlImage = htmlspecialchars($_POST['urlImage']);
+$contact = htmlspecialchars($_POST['contact']);
+$catArray = htmlspecialchars($_POST['chk_group']);
+
 if(!isset($_POST['id']))
 addEvent($db, $titre, $catArray, $localisation, $dtstart, $dtend, $description, $url, $urlImage, $contact);
 else
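Review bot: The new `$catArray = htmlspecialchars($_POST['chk_group']);` line will break if `chk_group` is posted as a checkbox array, which the variable name suggests (the form is not visible here): given an array, htmlspecialchars() returns null with a warning on PHP 5/7 and throws a TypeError on PHP 8, so the categories would be lost. Escaping each element keeps the intent: `$catArray = array_map('htmlspecialchars', (array) $_POST['chk_group']);`. For `$url` and `$urlImage`, entity-encoding does not reject a `javascript:` or `data:` scheme, so if they are later written into `href`/`src` attributes they also need an http/https allowlist check, for instance `filter_var($url, FILTER_VALIDATE_URL)` plus a scheme comparison. On PHP versions before 8.1 the default flags leave single quotes unescaped, so pass `ENT_QUOTES` explicitly. None of this encoding protects the database write, and whether `addEvent()` uses prepared statements cannot be seen from this hunk.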