[add] xss filter

author: Stanislav-Wolski <stanislau.wolski@gmail.com> 2012-05-21 19:54:39 +0300
committer: Stanislav-Wolski <stanislau.wolski@gmail.com> 2012-05-21 19:54:39 +0300
commit: 23ad1746c8a823f81099b66a4dcc66310c657827 (patch)
tree: e3f3e57478f86451f278190aae5932fb65475499 /codebase/data_connector.php
parent: 2f3109a94c96af3cbaa8973407d27d072d489248 (diff)
download: connector-php-23ad1746c8a823f81099b66a4dcc66310c657827.zip
connector-php-23ad1746c8a823f81099b66a4dcc66310c657827.tar.gz
connector-php-23ad1746c8a823f81099b66a4dcc66310c657827.tar.bz2
1 files changed, 7 insertions, 2 deletions
diff --git a/codebase/data_connector.php b/codebase/data_connector.php
index 45660db..ce454b9 100644
--- a/codebase/data_connector.php
+++ b/codebase/data_connector.php
@@ -9,8 +9,13 @@ class CommonDataProcessor extends DataProcessor{
 	protected function get_post_values($ids){
 		if (isset($_GET['action'])){
 			$data = array();
-			if (isset($_POST["id"]))
-				$data[$_POST["id"]] = $_POST;
+			if (isset($_POST["id"])){
+				$dataset = array();
+				foreach($_POST as $key=>$value)
+					$dataset[$key] = ConnectorSecurity::filter($value);
+
+				$data[$_POST["id"]] = $dataset;
+			}
 			else
 				$data["dummy_id"] = $_POST;
 			return $data;
author	Stanislav-Wolski <stanislau.wolski@gmail.com>	2012-05-21 19:54:39 +0300
committer	Stanislav-Wolski <stanislau.wolski@gmail.com>	2012-05-21 19:54:39 +0300
commit	23ad1746c8a823f81099b66a4dcc66310c657827 (patch)
tree	e3f3e57478f86451f278190aae5932fb65475499 /codebase/data_connector.php
parent	2f3109a94c96af3cbaa8973407d27d072d489248 (diff)
download	connector-php-23ad1746c8a823f81099b66a4dcc66310c657827.zip connector-php-23ad1746c8a823f81099b66a4dcc66310c657827.tar.gz connector-php-23ad1746c8a823f81099b66a4dcc66310c657827.tar.bz2