diff options
| -rw-r--r-- | pages/wot/5.php | 12 | ||||
| -rw-r--r-- | pages/wot/6.php | 6 | ||||
| -rw-r--r-- | www/wot.php | 6 |
3 files changed, 12 insertions, 12 deletions
diff --git a/pages/wot/5.php b/pages/wot/5.php index a9c3dcb..7fdd1c5 100644 --- a/pages/wot/5.php +++ b/pages/wot/5.php @@ -28,13 +28,13 @@ } if (!isset($_SESSION['assuresomeone']['year'])) { - $_SESSION['assuresomeone']['year'] = ''; + $_SESSION['assuresomeone']['year'] = 0; } if (!isset($_SESSION['assuresomeone']['month'])) { - $_SESSION['assuresomeone']['month'] = ''; + $_SESSION['assuresomeone']['month'] = 0; } if (!isset($_SESSION['assuresomeone']['day'])) { - $_SESSION['assuresomeone']['day'] = ''; + $_SESSION['assuresomeone']['day'] = 0; } ?> <? if(array_key_exists('noemailfound',$_SESSION['_config']) && $_SESSION['_config']['noemailfound'] == 1) { ?> @@ -75,13 +75,13 @@ <?=_("Date of Birth")?><br/> (<?=_("yyyy/mm/dd")?>)</td> <td class="DataTD"> - <input type="text" name="year" value="<?=array_key_exists('year',$_SESSION['assuresomeone']) ? sanitizeHTML($_SESSION['assuresomeone']['year']):""?>" size="4" autocomplete="off"></nobr> + <input type="text" name="year" value="<?=array_key_exists('year',$_SESSION['assuresomeone']) && intval($_SESSION['assuresomeone']['year']) !== 0 ? intval($_SESSION['assuresomeone']['year']):''?>" size="4" autocomplete="off"></nobr> <select name="month"> <? for($i = 1; $i <= 12; $i++) { echo "<option value='$i'"; - if(array_key_exists('month',$_SESSION['assuresomeone']) && $_SESSION['assuresomeone']['month'] == $i) + if(array_key_exists('month',$_SESSION['assuresomeone']) && intval($_SESSION['assuresomeone']['month']) === $i) echo " selected=\"selected\""; echo ">".ucwords(strftime("%B", mktime(0,0,0,$i,1,date("Y"))))." ($i)</option>\n"; } @@ -92,7 +92,7 @@ for($i = 1; $i <= 12; $i++) for($i = 1; $i <= 31; $i++) { echo "<option"; - if(array_key_exists('day',$_SESSION['assuresomeone']) && $_SESSION['assuresomeone']['day'] == $i) + if(array_key_exists('day',$_SESSION['assuresomeone']) && intval($_SESSION['assuresomeone']['day']) === $i) echo " selected=\"selected\""; echo ">$i</option>"; } diff --git a/pages/wot/6.php b/pages/wot/6.php index 6934d0f..200a526 100644 --- a/pages/wot/6.php +++ b/pages/wot/6.php @@ -24,9 +24,9 @@ } $row = $_SESSION['_config']['notarise']; - $_SESSION['assuresomeone']['year'] = ''; - $_SESSION['assuresomeone']['month'] = ''; - $_SESSION['assuresomeone']['day'] = ''; + $_SESSION['assuresomeone']['year'] = 0; + $_SESSION['assuresomeone']['month'] = 0; + $_SESSION['assuresomeone']['day'] = 0; if($_SESSION['profile']['ttpadmin'] == 1) // $methods = array("Face to Face Meeting", "Trusted 3rd Parties", "TopUP"); diff --git a/www/wot.php b/www/wot.php index e1d1572..40a60a6 100644 --- a/www/wot.php +++ b/www/wot.php @@ -199,9 +199,9 @@ function send_reminder() exit; } if ($_SESSION['profile']['ttpadmin'] != 1) { - $_SESSION['assuresomeone']['year'] = mysql_real_escape_string(stripslashes($_POST['year'])); - $_SESSION['assuresomeone']['month'] = mysql_real_escape_string(stripslashes($_POST['month'])); - $_SESSION['assuresomeone']['day'] = mysql_real_escape_string(stripslashes($_POST['day'])); + $_SESSION['assuresomeone']['year'] = intval($_POST['year']); + $_SESSION['assuresomeone']['month'] = intval($_POST['month']); + $_SESSION['assuresomeone']['day'] = intval($_POST['day']); $dob = $_SESSION['assuresomeone']['year'] . '-' . sprintf('%02d',$_SESSION['assuresomeone']['month']) . '-' . sprintf('%02d', $_SESSION['assuresomeone']['day']); if ( $_SESSION['_config']['notarise']['dob'] != $dob) { |