From 31162694620d1f36a59639dbd0d1b00bf4a740f8 Mon Sep 17 00:00:00 2001
From: Thomas Penteker <tek@serverop.de>
Date: Sun, 8 Feb 2015 16:38:03 +0100
Subject: index.php: _really_ sanitize user input

---
 portdb/portdb/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/portdb/portdb/index.php b/portdb/portdb/index.php
index 01253ae..bb1b2b4 100755
--- a/portdb/portdb/index.php
+++ b/portdb/portdb/index.php
@@ -13,7 +13,7 @@ function nospam($mail) {
 }
 
 function sanitize($str) {
-  return $str;
+  return preg_replace("/[^[:alnum:][:space:]_+-\.]/ui", '', $str);
 }
 
 function localrepo($name) {
-- 
cgit v1.2.3