From 9827deddf5fa7d5f85e863380fa98986c83ace08 Mon Sep 17 00:00:00 2001
From: Steffen Lange <github@stelas.de>
Date: Tue, 23 Apr 2019 18:16:32 +0200
Subject: [PATCH] Modify input var filtering

---
 todaylist.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/todaylist.php b/todaylist.php
index 18daa47..2174c06 100644
--- a/todaylist.php
+++ b/todaylist.php
@@ -39,7 +39,7 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) {
 }
 
 $today = date('Ymd');
-$dav = new CalDAVClient(CALDAVURL, strip_tags($_SERVER['PHP_AUTH_USER']), strip_tags($_SERVER['PHP_AUTH_PW']));
+$dav = new CalDAVClient(CALDAVURL, filter_var($_SERVER['PHP_AUTH_USER']), filter_var($_SERVER['PHP_AUTH_PW']));
 $davoptions = $dav->DoOptionsRequest();
 if (!isset($davoptions['PROPFIND'])) {
 	exit('CalDAV request failed.');