diff --git a/include/class.forms.php b/include/class.forms.php
index ded5e766371c9b05c8a53e1db062b4a4c5629ac8..c3396edabb62f18089d60bdad28cc01951b4098a 100644
--- a/include/class.forms.php
+++ b/include/class.forms.php
@@ -1017,12 +1017,13 @@ class PhoneNumberWidget extends Widget {
 list($phone, $ext) = explode("X", $this->value);
 ?>
 <input type="text" name="<?php echo $this->name; ?>" value="<?php
- echo $phone; ?>"/><?php
+ echo Format::htmlchars($phone); ?>"/><?php
 // Allow display of extension field even if disabled if the phone
 // number being edited has an extension
 if ($ext || $config['ext']) { ?>
 Ext: <input type="text" name="<?php
- echo $this->name; ?>-ext" value="<?php echo $ext; ?>" size="5"/>
+ echo $this->name; ?>-ext" value="<?php echo Format::htmlchars($ext);
+ ?>" size="5"/>
 <?php }
 }
diff --git a/include/client/edit.inc.php b/include/client/edit.inc.php
index 21f2ca726b1863bfe1b5f5eaf0f946606b0830b4..e01b2df4938ecde09b38b2db5747cb54d78d85f4 100644
--- a/include/client/edit.inc.php
+++ b/include/client/edit.inc.php
@@ -11,7 +11,7 @@ if(!defined('OSTCLIENTINC') || !$thisclient || !$ticket || !$ticket->checkUserAc
 <form action="tickets.php" method="post">
 <?php echo csrf_token(); ?>
 <input type="hidden" name="a" value="edit"/>
- <input type="hidden" name="id" value="<?php echo $_REQUEST['id']; ?>"/>
+ <input type="hidden" name="id" value="<?php echo Format::htmlchars($_REQUEST['id']); ?>"/>
 <table width="800">
 <tbody id="dynamic-form">
 <?php if ($forms)
diff --git a/include/client/tickets.inc.php b/include/client/tickets.inc.php
index 1c227ba4cdec255b7e75607abfeab143e549d305..6fb6abaa22723d3c966e1c6191c721c6f9b26fca 100644
--- a/include/client/tickets.inc.php
+++ b/include/client/tickets.inc.php
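Review bot: `$this->name` is still echoed unescaped into the `name` attributes on the same two lines that now escape `$phone` and `$ext`; if the widget name can ever come from stored form-definition data rather than fixed code, it deserves the same wrapper, e.g. `name="<?php echo Format::htmlchars($this->name); ?>"`. `Format::htmlchars` is the right fix for these double-quoted attribute contexts provided it encodes double quotes, which this page does not show. The new `+ ?>" size="5"/>` line closes the PHP block in the middle of an attribute; keeping `?>" size="5"/>` on the preceding line reads more easily. The enclosing render method begins before the hunk.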
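Review bot: The hidden `id` field still reflects raw request input back into the form even though `$ticket` has already been resolved and access-checked by the guard visible in the hunk header; emitting the ticket's own identifier removes the reflected value instead of merely encoding it, e.g. `<input type="hidden" name="id" value="<?php echo (int) $ticket->getId(); ?>"/>`, assuming the ticket object exposes its id that way. Encoding with `Format::htmlchars` is a correct fix for the attribute context on its own, so this is a tightening rather than a defect in the change. The surrounding form markup continues outside the hunk.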
@@ -120,7 +120,7 @@ $negorder=$order=='DESC'?'ASC':'DESC'; //Negate the sorting
 </select>
 <input type="submit" value="Go">
 </form>
-<a class="refresh" href="<?php echo $_SERVER['REQUEST_URI']; ?>">Refresh</a>
+<a class="refresh" href="<?php echo Format::htmlchars($_SERVER['REQUEST_URI']); ?>">Refresh</a>
 <table id="ticketTable" width="800" border="0" cellspacing="0" cellpadding="0">
 <caption><?php echo $showing; ?></caption>
 <thead>
diff --git a/include/staff/pwreset.login.php b/include/staff/pwreset.login.php
index 6f93f1f0118093aefd5eb7b67568a560d2fb9066..8a7455ad8b28d5283b0f3ee6cd3f303f3262af6a 100644
--- a/include/staff/pwreset.login.php
+++ b/include/staff/pwreset.login.php
@@ -11,7 +11,7 @@ $info = ($_POST)?Format::htmlchars($_POST):array();
 <form action="pwreset.php" method="post">
 <?php csrf_token(); ?>
 <input type="hidden" name="do" value="newpasswd"/>
- <input type="hidden" name="token" value="<?php echo $_REQUEST['token']; ?>"/>
+ <input type="hidden" name="token" value="<?php echo Format::htmlchars($_REQUEST['token']); ?>"/>
 <fieldset>
 <input type="text" name="userid" id="name" value="<?php echo $info['userid']; ?>" placeholder="username or email"
diff --git a/include/staff/tickets.inc.php b/include/staff/tickets.inc.php
index 47382d556d004e492468856aaccecbf602fe5185..610d25fa5390080f7382174e2fd9bf27556d446f 100644
--- a/include/staff/tickets.inc.php
+++ b/include/staff/tickets.inc.php
@@ -308,7 +308,7 @@ if ($results) {
 <div style="margin-bottom:20px">
 <form action="tickets.php" method="POST" name='tickets'>
 <?php csrf_token(); ?>
- <a class="refresh" href="<?php echo $_SERVER['REQUEST_URI']; ?>">Refresh</a>
+ <a class="refresh" href="<?php echo Format::htmlchars($_SERVER['REQUEST_URI']); ?>">Refresh</a>
 <input type="hidden" name="a" value="mass_process" >
 <input type="hidden" name="do" id="action" value="" >
 <input type="hidden" name="status" value="<?php echo Format::htmlchars($_REQUEST['status']); ?>" >
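Review bot: The `<caption>` on the line directly after the changed Refresh link still echoes `$showing` unescaped; if that string is ever built from a user-supplied search term or filter label it needs the same `Format::htmlchars` treatment as the new href, so the assignment of `$showing` (outside this hunk) is worth checking. The identical Refresh link is fixed the same way in include/staff/tickets.inc.php, and the two copies should be kept in step. Encoding `$_SERVER['REQUEST_URI']` closes the attribute break-out; note that the value is taken verbatim from the request line, so whatever the client sent is still reflected, encoded, into the link.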
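Review bot: The new line still dereferences `$_REQUEST['token']` unconditionally, so rendering this form without a token (a direct visit, or a link with the parameter stripped) raises an undefined-index notice; guard it, e.g. `value="<?php echo isset($_REQUEST['token']) ? Format::htmlchars($_REQUEST['token']) : ''; ?>"`. `$_REQUEST` also accepts the token from cookies or GET depending on the request_order setting; if the reset flow expects it from the link's query string, reading `$_GET['token']` narrows the accepted source, though the handling in pwreset.php is not shown here. The adjacent `$info['userid']` echo is covered by the `Format::htmlchars($_POST)` assignment in the hunk header only when `$_POST` is non-empty; on a GET `$info` is an empty array and that index is likewise undefined.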