4525: Sanitize all input fields to disallow XSS. All the input field that most likel...

[acontent.git] / docs / tests / question_import.php

diff --git a/docs/tests/question_import.php b/docs/tests/question_import.php
index 48952fc..f1b8292 100644 (file)
--- a/docs/tests/question_import.php
+++ b/docs/tests/question_import.php
@@ -281,7 +281,7 @@ if (!$overwrite && !empty($existing_files)){
        echo '<input type="submit" class="" name="submit_yes" value="'._AT('yes').'"/>';
        echo '<input type="submit" class="" name="submit_no" value="'._AT('no').'"/>';
        echo '<input type="hidden" name="submit_import" value="submit_import" />';
-       ECHO '<input type="hidden" name="url" value="'.$_POST['url'].'" />';
+       echo '<input type="hidden" name="url" value="'.AT_print($_POST['url'], 'input.hidden').'" />';
        echo '</div></div>';
        echo '</form>';
        require (TR_INCLUDE_PATH.'footer.inc.php');