From 1439175616e46f2f935782ab2989f2eef5226d17 Mon Sep 17 00:00:00 2001
From: Steffen Lange
Date: Thu, 11 Apr 2019 17:24:26 +0200
Subject: [PATCH] Fix input sanitization
---
 oertliche.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/oertliche.php b/oertliche.php
index 94a56da..64e8ecf 100644
--- a/oertliche.php
+++ b/oertliche.php
@@ -72,7 +72,7 @@ function lookupCaller($number) {
 header('Content-Type: text/xml; charset=utf-8');
 echo "\r\n\r\n";
-if (isset($_GET['hm']) && is_numeric($_GET['hm'])) {
+if (isset($_GET['hm']) && preg_match('/^\d+$/', $_GET['hm'])) {
 $caller = lookupCaller($_GET['hm']);
 if (is_array($caller)) printResponse($caller);
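Review bot: The new pattern `/^\d+$/` on the added `if` line still accepts a value ending in a newline, because `$` without the `D` modifier also matches just before a final `\n`, so `hm=123%0A` reaches `lookupCaller()` unchanged. Anchoring with `\z` closes that gap: `preg_match('/^\d+\z/', $_GET['hm'])`. The guard also does not check the type: a request with `hm[]=1` passes `isset()` and hands an array to `preg_match()`, which emits a warning on PHP 7 and throws a `TypeError` on PHP 8 after the XML header has already been sent, so I would add `is_string($_GET['hm']) &&` before the match (or use `ctype_digit()` on a confirmed string). An upper bound on the digit count, for example `\d{1,20}`, would be a sensible addition if `lookupCaller()` forwards the number to a remote service, which is not visible here; the body of the `if` block continues outside the hunk.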