-rw-r--r-- | init.php | 37 |
@@ -1,31 +1,32 @@
 <?php
 define("BASE", __DIR__);
-$old = '';
-while ($old != $_SERVER['QUERY_STRING']) {
- $old = $_SERVER['QUERY_STRING'];
- $_SERVER['QUERY_STRING'] = urldecode($_SERVER['QUERY_STRING']);
-}
 $_SERVER['QUERY_STRING'] = str_replace('&', '&',
- htmlspecialchars($_SERVER['QUERY_STRING'])
+ htmlspecialchars(
+ preg_replace(
+ '/%.?.?/', '',
+ $_SERVER['QUERY_STRING']
+ )
+ )
 );
-$old = '';
-while ($old != $_SERVER['REQUEST_URI']) {
- $old = $_SERVER['REQUEST_URI'];
- $_SERVER['REQUEST_URI'] = urldecode($_SERVER['REQUEST_URI']);
-}
 $_SERVER['REQUEST_URI'] = str_replace('&', '&',
- htmlspecialchars($_SERVER['REQUEST_URI'])
+ htmlspecialchars(
+ preg_replace(
+ '/%.?.?/', '',
+ $_SERVER['REQUEST_URI']
+ )
+ )
 );
 foreach ($_GET as $key => $val) {
- $old = '';
- while ($old != $_GET[$key]) {
- $old = $_GET[$key];
- $_GET[$key] = urldecode($_GET[$key]);
- }
- $_GET[$key] = htmlspecialchars($_GET[$key]);
+ $_GET[$key] =
+ htmlspecialchars(
+ preg_replace(
+ '/%.?.?/', '',
+ $_GET[$key]
+ )
+ );
 } |
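Review bot: All three `htmlspecialchars(...)` calls rely on the default flags, which escape single quotes only on PHP 8.1 and later, so on an older runtime a `'` in the query string or a parameter would pass through unescaped; pass the flags explicitly, e.g. `htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. In the `foreach` over `$_GET`, an array-valued parameter makes `preg_replace` return an array, which `htmlspecialchars` cannot handle (a TypeError on PHP 8), so a guard such as `if (!is_string($val)) { unset($_GET[$key]); continue; }` at the top of the loop is worth adding. `$_GET` values have already been percent-decoded by PHP, so `/%.?.?/` there deletes a literal `%` plus up to two characters of real data; if the intent is only to drop encoded bytes, `/%[0-9A-Fa-f]{0,2}/` is narrower and still leaves no `%` behind. The hunk shows only the top of init.php, so how these values are later written into output is not visible here and escaping at the point of output should still be confirmed.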