--- a/displayCalendar.php +++ b/displayCalendar.php @@ -5,7 +5,7 @@ if ($_REQUEST['month']) { - $monthParts = explode("-", $_REQUEST['month']); + $monthParts = explode("-", str_replace(Array("'","/","\\",'-'), "",$_REQUEST['month'])); $year = $monthParts[1]; $month = $monthParts[0]; $monthName = date("F Y", mktime(0,0,0,$month,1,$year)); @@ -81,7 +81,7 @@ setlocale(LC_MONETARY, 'en_US'); $value = number_format(doubleval($row["val"]), 2); $month_name = date('F', mktime(0, 0, 0, $row[1])); - echo ("<tr><td><b><a href=\"?month=$row[1]-$row[0]\">$month_name {$row[0]}</a></b></td><td>\$$value</td><td>({$row['count']} contracts)</td></tr>"); + echo ('<tr><td><b><a href="?month=$row[1]-$row[0]">'.$month_name.' '.$row[0].'</a></b></td><td>$'.$value.'</td><td>(' .$row['count'].' contracts)</td></tr>'); } echo "</table>"; }