diff --git a/theme/rui/print.php b/theme/rui/print.php index 0accfb8..9ed096f 100644 --- a/theme/rui/print.php +++ b/theme/rui/print.php @@ -13,7 +13,7 @@ } */ -$maxWidth = isset($_GET["paperWidth"]) ? $_GET["paperWidth"] ."px" : "100%"; +$maxWidth = isset($_GET["paperWidth"]) ? safe_entities($_GET["paperWidth"]) ."px" : "100%"; ?> @@ -106,7 +106,7 @@ // Print the msg if exitst if(isset($_GET["msg"])) { echo "
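Review bot: Entity-encoding `paperWidth` in the first hunk does not make it a valid length; `$maxWidth` is presumably written into a CSS or style context further down (its use is outside this hunk), where `safe_entities()` would still pass non-numeric text. Since only a pixel count is expected, validate the value instead, e.g. `$maxWidth = (isset($_GET["paperWidth"]) && is_string($_GET["paperWidth"]) && ctype_digit($_GET["paperWidth"])) ? $_GET["paperWidth"] . "px" : "100%";`. The `is_string` check also covers `paperWidth[]=…`, which passes `isset()` as an array.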
-
{$_GET['msg']}
+
". safe_entities($_GET['msg']) ."
"; }
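Review bot: `isset($_GET["msg"])` is also true when the parameter arrives as an array (`msg[]=…`), so `safe_entities()` may be handed a non-string here. Its definition is not visible in this diff, so whether it tolerates that is unclear. Guarding with `if (isset($_GET["msg"]) && is_string($_GET["msg"])) {` keeps the call to string input. Separately, the page still prints free text taken from the URL, so a comment such as `// msg is untrusted display text; encode on output` would help the next reader, and mapping known message keys to fixed strings would be stricter still.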