Enforce sanity before returning from database

html/includes/vars.inc.php

@@ -23,7 +23,7 @@ else {
 foreach ($segments as $pos => $segment) {
     $segment = urldecode($segment);
     if ($pos == '0') {
-        $vars['page'] =htmlentities( $segment);
+        $vars['page'] = htmlentities($segment);
     }
     else {
         list($name, $value) = explode('=', $segment);

includes/common.php

@@ -1255,3 +1255,13 @@ function get_port_id ($ports_mapped, $port, $port_association_mode) {
 
     return $port_id;
 }
+
+/**
+ * Sanitize
+ * @param mixed $item Reference to Item
+ * @param mixed $key Key
+ * @return void
+ */
+function sanitize_array(&$item, $key) {
+    $item = htmlentities($item);
+}

includes/dbFacile.mysql.php

@@ -266,6 +266,7 @@ function dbFetchRows($sql, $parameters=array(), $nocache=false) {
         if ($config['memcached']['enable'] && $nocache === false) {
             $config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$rows,$config['memcached']['ttl']);
         }
+        array_walk_recursive($rows,'sanitize_array');
         return $rows;
     }
 
@@ -333,6 +334,7 @@ function dbFetchRow($sql=null, $parameters=array(), $nocache=false) {
         if ($config['memcached']['enable'] && $nocache === false) {
             $config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$row,$config['memcached']['ttl']);
         }
+        array_walk_recursive($row,'sanitize_array');
         return $row;
     }
     else {

includes/dbFacile.mysqli.php

@@ -267,6 +267,7 @@ function dbFetchRows($sql, $parameters=array(), $nocache=false) {
         if ($config['memcached']['enable'] && $nocache === false) {
             $config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$rows,$config['memcached']['ttl']);
         }
+        array_walk_recursive($rows,'sanitize_array');
         return $rows;
     }
 
@@ -334,6 +335,7 @@ function dbFetchRow($sql=null, $parameters=array(), $nocache=false) {
         if ($config['memcached']['enable'] && $nocache === false) {
             $config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$row,$config['memcached']['ttl']);
         }
+        array_walk_recursive($row,'sanitize_array');
         return $row;
     }
     else {