diff --git a/README.md b/README.md
index 4fe6ad8..7c12f8c 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@ DashboardFE should work on a standard LAMP stack with the most common php extens
While the project works with a decent amount of stability, please note that it is still a work in progress, it can contain several not yet detected bugs or missing some features. The project it's in a constant state of change and improvement.
-If you wanna test it first to see if you like it you can check the testing instance here: http://ayanami.ga/dashboard
+If you wanna test it first to see if you like it you can check the testing instance here: http://hiroyuki-wiki.ga/dashboard
# Installation
diff --git a/action.php b/action.php
index b6701fa..dd8cf62 100644
--- a/action.php
+++ b/action.php
@@ -93,7 +93,15 @@ if (isset($_POST['action']) && $_POST['action'] == "settings"){
$user_settings['mtwords'] = array();
$mtwords = explode("\n",$value);
foreach ($mtwords as $word){
- $user_settings['mtwords'][] = $word;
+ $user_settings['mtwords'][] = sanitize($word);
+ }
+ break;
+
+ case "fhtags":
+ $user_settings['fhtags'] = array();
+ $fhtags = explode("\n",$value);
+ foreach ($fhtags as $word){
+ $user_settings['fhtags'][] = sanitize($word);
}
break;
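Review bot: Splitting on `"\n"` alone in the new `fhtags` loop keeps the `\r` of a CRLF form submission on every entry and stores blank lines as empty entries; `sanitize()` is defined outside this diff, so it cannot be assumed to trim. Normalising before the append, `$word = trim($word); if ($word === '') { continue; }`, keeps stored tags comparable and avoids an empty filter term, which may match more than intended depending on how the list is applied later. The same applies to the `mtwords` loop just above, and since the two loops are now identical a small shared helper would keep them in step. The enclosing `switch` starts outside the hunk.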
@@ -276,6 +284,7 @@ foreach($_GET as $key => $value){
case "userinfo":
$info = api_get("accounts/".htmlentities($value));
$rel = api_get("accounts/relationships?id=".htmlentities($value));
+ /*
$photos = api_get("accounts/".htmlentities($value)."/statuses?only_media=true&limit=5&exclude_reblogs=true");
$photo = array();
$c = 0;
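Review bot: The two `api_get` calls left live at the top of this `userinfo` case still build the request path from a `$_GET` value with `htmlentities($value)`, which is HTML escaping rather than URL encoding. Characters such as `/`, `?` and `&` pass through it unchanged, so the value is not confined to one path segment or one query value; `rawurlencode($value)` is the fitting call for both lines. Separately, the `/*` added here disables the media lookup without saying why, so a short comment before it (for example `// media preview disabled: <reason>`) would help, or the block could simply be deleted. If the markup echoed later in this case still reads `$photo`, it would now be undefined; that part lies outside the hunk, as does the closing `*/`.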
@@ -294,6 +303,7 @@ foreach($_GET as $key => $value){
}
}
}
+ */
echo "