From e887951cee0bd684910fc15aae6e0bb02ee3ea2e Mon Sep 17 00:00:00 2001
From: vincent <v.gramaglia@schmamazon.com>
Date: Wed, 16 Apr 2025 09:42:52 +0200
Subject: [PATCH] addressed Issue smzint/Auth#2

---
 auth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth.php b/auth.php
index 8685a86..06ac5b7 100644
--- a/auth.php
+++ b/auth.php
@@ -10,7 +10,7 @@ if(!isset($_COOKIE[$cookie_name])) {
   // Nicht angemeldet
   return false;
 } else {
-  $sessionId = $_COOKIE[$cookie_name];
+  $sessionId = filter_var($_COOKIE[$cookie_name], FILTER_SANITIZE_SPECIAL_CHARS);
   include('db.ini.php');
 
   $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);