4525: Sanitize all input fields to disallow XSS. All the input field that most likel...
[acontent.git] / docs / translation / index.php
index c795b18..f108621 100644 (file)
@@ -187,13 +187,13 @@ function trans_form() {
 ?>
 <br />
 <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>#anchor">
-       <input type="hidden" name="selected_term" value="<?php echo $_REQUEST['selected_term']; ?>" />
-       <input type="hidden" name="lang_code" value="<?php echo $_REQUEST['lang_code']; ?>" />
-       <input type="hidden" name="new_or_translated" value="<?php echo $_REQUEST['new_or_translated']; ?>" />
-       <input type="hidden" name="term_type" value="<?php echo $_REQUEST['term_type']; ?>" />
+       <input type="hidden" name="selected_term" value="<?php echo AT_print($_REQUEST['selected_term'], 'input.hidden'); ?>" />
+       <input type="hidden" name="lang_code" value="<?php echo AT_print($_REQUEST['lang_code'], 'input.hidden'); ?>" />
+       <input type="hidden" name="new_or_translated" value="<?php echo AT_print($_REQUEST['new_or_translated'], 'input.hidden'); ?>" />
+       <input type="hidden" name="term_type" value="<?php echo AT_print($_REQUEST['term_type']., 'input.hidden'); ?>" />
        <input type="hidden" name="search_phase" value="<?php echo htmlspecialchars(stripslashes($_REQUEST['search_phase'])); ?>" />
        <input type="hidden" name="variable" value="<?php echo $row_english['variable']; ?>" />
-       <input type="hidden" name="term" value="<?php echo $row_english['term']; ?>" />
+       <input type="hidden" name="term" value="<?php echo AT_print($row_english['term'], 'input.hidden'); ?>" />
 <?php if (isset($_REQUEST["submit"])) { ?>
        <input type="hidden" name="submit" value="1" />
 <?php } ?>
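Review bot: The new `term_type` line has a stray `.` before the comma (`$_REQUEST['term_type']., 'input.hidden'`), which is a PHP parse error and would break the whole page; it should read `AT_print($_REQUEST['term_type'], 'input.hidden')`. Two values in the same form are still echoed raw: the form action prints `$_SERVER['PHP_SELF']`, which reflects request-path data into an attribute, and `$row_english['variable']` is left unescaped while its sibling `term` now goes through AT_print. I would change the action to `action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>#anchor"` and wrap `variable` the same way as `term`. trans_form() starts and ends outside the hunk, and AT_print's handling of the `'input.hidden'` context is not visible here, so confirm that it encodes quotes for attribute use.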