From 9b88b1b6cc6a5e857ebdd967858c71f226cdea14 Mon Sep 17 00:00:00 2001
From: bochard
Date: Wed, 11 Feb 2026 17:53:46 +0800
Subject: [PATCH] guestbook.php form sanitization
---
 guestbook.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/guestbook.php b/guestbook.php
index fa226f1..cbba13e 100644
--- a/guestbook.php
+++ b/guestbook.php
@@ -38,11 +38,11 @@
 // entry submission
 if ($_SERVER["REQUEST_METHOD"] == "POST"){
- $name = $_POST['name'];
- $country = $_POST['country'];
- $website = $_POST['website'];
- $email = $_POST['email'];
- $comment = $_POST['comment'];
+ $name = htmlspecialchars($_POST['name'], ENT_QUOTES, "UTF-8");
+ $country = htmlspecialchars($_POST['country'], ENT_QUOTES, "UTF-8");
+ $website = htmlspecialchars($_POST['website'], ENT_QUOTES, "UTF-8");
+ $email = htmlspecialchars($_POST['email'], ENT_QUOTES, "UTF-8");
+ $comment = htmlspecialchars($_POST['comment'], ENT_QUOTES, "UTF-8");
 $ip_addr = $_SERVER['REMOTE_ADDR'];
 // query
--
2.39.5
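Review bot: The five `htmlspecialchars()` calls on `$name` through `$comment` encode for HTML at input time, which does not make the values safe for the `// query` code that follows (outside this hunk, so I cannot see whether it binds parameters). Entity encoding leaves SQL metacharacters such as the backslash untouched, and storing encoded text causes double encoding or mangled data wherever the value is later used outside HTML. I would keep the raw value here, e.g. `$name = trim((string) ($_POST['name'] ?? ''));`, pass it to a prepared statement, and call `htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` at the point where entries are printed. `$website` also needs `filter_var($website, FILTER_VALIDATE_URL)` plus an http/https scheme allow-list if it is rendered as a link, because entity encoding does not change a URL's scheme. The `??` default additionally avoids passing null to the encoder when a field is missing from the POST body.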