From abc81a92b420743b816ad68b274046607b906942 Mon Sep 17 00:00:00 2001
From: Albert Santoni <albert.santoni@sourcefabric.org>
Date: Fri, 12 Jun 2015 13:11:28 -0400
Subject: [PATCH] XSS prevention for Radio Page

---
 airtime_mvc/application/common/SecurityHelper.php     | 11 +++++++++++
 .../application/views/scripts/index/index.phtml       |  4 ++--
 2 files changed, 13 insertions(+), 2 deletions(-)
 create mode 100644 airtime_mvc/application/common/SecurityHelper.php

diff --git a/airtime_mvc/application/common/SecurityHelper.php b/airtime_mvc/application/common/SecurityHelper.php
new file mode 100644
index 000000000..af4d712eb
--- /dev/null
+++ b/airtime_mvc/application/common/SecurityHelper.php
@@ -0,0 +1,11 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: asantoni
+ * Date: 12/06/15
+ * Time: 12:24 PM
+ */
+
+class SecurityHelper {
+
+}
\ No newline at end of file
diff --git a/airtime_mvc/application/views/scripts/index/index.phtml b/airtime_mvc/application/views/scripts/index/index.phtml
index 8c887a579..56052f844 100644
--- a/airtime_mvc/application/views/scripts/index/index.phtml
+++ b/airtime_mvc/application/views/scripts/index/index.phtml
@@ -15,8 +15,8 @@
 
     
     <div id="tab-2" class="about_us tab_content">
-        <h1><?php echo $this->stationName ?></h1>
-        <p><?php echo $this->stationDescription ?></p>
+        <h1><?php echo $this->escape($this->stationName) ?></h1>
+        <p><?php echo $this->escape($this->stationDescription) ?></p>
     </div>
 
     <div id="tab-3" class="login tab_content">