diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_markers.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_markers.php
index 688ebe6d..cfa55921 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_markers.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_markers.php
@@ -19,7 +19,7 @@ if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
-$path = $_REQUEST['marker'];
+$path = htmlspecialchars($_REQUEST['marker']);
if ((!isset($path)) || strstr($path, "..")) {
header('HTTP/1.0 500 Error');
echo "
500 Error
";
diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_tiles.php b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_tiles.php
index 51699bc1..00c3af2b 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_tiles.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/MySQL_tiles.php
@@ -19,7 +19,7 @@ if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
-$path = $_REQUEST['tile'];
+$path = htmlspecialchars($_REQUEST['tile']);
if ((!isset($path)) || strstr($path, "..")) {
header('HTTP/1.0 500 Error');
echo "500 Error
";
diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_markers.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_markers.php
index 76beb457..98fc1cb3 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_markers.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_markers.php
@@ -19,7 +19,7 @@ if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
-$path = $_REQUEST['marker'];
+$path = htmlspecialchars($_REQUEST['marker']);
if ((!isset($path)) || strstr($path, "..")) {
header('HTTP/1.0 500 Error');
echo "500 Error
";
diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_tiles.php b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_tiles.php
index b95d00cd..c2e1fb65 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_tiles.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/PostgreSQL_tiles.php
@@ -19,7 +19,7 @@ if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
-$path = $_REQUEST['tile'];
+$path = htmlspecialchars($_REQUEST['tile']);
if ((!isset($path)) || strstr($path, "..")) {
header('HTTP/1.0 500 Error');
echo "500 Error
";
diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_markers.php b/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_markers.php
index 769f2562..7707bc9a 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_markers.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_markers.php
@@ -17,7 +17,7 @@ if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
-$path = $_REQUEST['marker'];
+$path = htmlspecialchars($_REQUEST['marker']);
if ((!isset($path)) || strstr($path, "..")) {
header('HTTP/1.0 500 Error');
echo "500 Error
";
diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_tiles.php b/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_tiles.php
index 83cfaf29..9feea7fb 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_tiles.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/SQLite_tiles.php
@@ -17,7 +17,7 @@ if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
-$path = $_REQUEST['tile'];
+$path = htmlspecialchars($_REQUEST['tile']);
if ((!isset($path)) || strstr($path, "..")) {
header('HTTP/1.0 500 Error');
echo "500 Error
";
diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/markers.php b/DynmapCore/src/main/resources/extracted/web/standalone/markers.php
index 795ef8de..541e0ebc 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/markers.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/markers.php
@@ -24,7 +24,7 @@ if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
-$path = $_REQUEST['marker'];
+$path = htmlspecialchars($_REQUEST['marker']);
if ((!isset($path)) || strstr($path, "..")) {
header('HTTP/1.0 500 Error');
echo "500 Error
";
diff --git a/DynmapCore/src/main/resources/extracted/web/standalone/tiles.php b/DynmapCore/src/main/resources/extracted/web/standalone/tiles.php
index fdcf8c6d..11e46df4 100644
--- a/DynmapCore/src/main/resources/extracted/web/standalone/tiles.php
+++ b/DynmapCore/src/main/resources/extracted/web/standalone/tiles.php
@@ -24,7 +24,7 @@ if (strcmp($userid, '-guest-')) {
$loggedin = true;
}
-$path = $_REQUEST['tile'];
+$path = htmlspecialchars($_REQUEST['tile']);
if ((!isset($path)) || strstr($path, "..")) {
header('HTTP/1.0 500 Error');
echo "500 Error
";