From d17188d89529187fa3b45e47b55cd48deac3f1be Mon Sep 17 00:00:00 2001
From: bx khateri <bx@bxs-MacBook-Pro.local>
Date: Thu, 23 Nov 2023 16:02:32 +0100
Subject: [PATCH] forgot mot de passe, login

---
 forgotpassword.php | 4 ++--
 login.php          | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/forgotpassword.php b/forgotpassword.php
index 884f648..90a0bda 100644
--- a/forgotpassword.php
+++ b/forgotpassword.php
@@ -9,7 +9,7 @@ $message = null;
 
 
 if (isset($_POST['email']) && !empty($_POST['email'])) {
-    $provided_email = $_POST['email'];
+    $provided_email = htmlspecialchars($_POST['email']);
 }
 if (isset($_POST['email']) && empty($_POST['email'])) {
     $errors = 'email should\'nt be empty';
@@ -18,7 +18,7 @@ if (isset($_POST['email']) && empty($_POST['email'])) {
 
 
 if (isset($_POST['password']) && !empty($_POST['password'])) {
-    $provided_password = $_POST['password'];
+    $provided_password = htmlspecialchars($_POST['password']);
 }
 if (isset($_POST['password']) && empty($_POST['password'])) {
     $errors = 'password is required';
diff --git a/login.php b/login.php
index e406404..b3a2eb8 100644
--- a/login.php
+++ b/login.php
@@ -10,11 +10,11 @@ if ($obj->loggedin($obj)) {
 }
 
 if (isset($_POST['email'])) {
-    $provided_email = $_POST['email'];
+    $provided_email = htmlspecialchars($_POST['email']);
 }
 
 if (isset($_POST['password'])) {
-    $provided_password = $_POST['password'];
+    $provided_password = htmlspecialchars($_POST['password']);
 }
 
 
-- 
GitLab