sanitize all input against xss and fixed bug with time encoding when adding result

app/public/edit_station.php

@@ -5,21 +5,25 @@
     $user_data = check_admin($con);
 
     if($_SERVER['REQUEST_METHOD'] == "GET") {
+        $s_id = sanitize_input($_GET['s_id']);
         $row = get_station_all($con, $_GET['s_id'])->fetch();
         include("header_footer/header.php");
     }
 
     if($_SERVER['REQUEST_METHOD'] == "POST") {
-        $station = get_station_all($con, $_POST['station_id'])->fetch();
+        $station_id = sanitize_input($_POST['station_id']);
+        $station_name = sanitize_input($_POST['station_name']);
+        $station_pos = sanitize_input($_POST['station_pos']);
+        $station = get_station_all($con, $station_id)->fetch();
         $s_id = intval($station['s_id']);
         $name = strval($station['name']);
         $standort = strval($station['standort']);
-        if($name != $_POST['station_name']) {
-            update_station_name($con, $s_id, $_POST['station_name']);
+        if($name != $station_name) {
+            update_station_name($con, $s_id, $station_name);
         }
 
-        if($standort != $_POST['station_pos']) {
-            update_station_pos($con, $s_id, $_POST['station_pos']);
+        if($standort != $station_pos) {
+            update_station_pos($con, $s_id, $station_pos);
         }
         header("Location: stationen.php");
         die;