I have HTML site and we are using PHP code to manage contact page. Currently, we are facing issue with URL injection alert from security scan. Found the issue is with following two lines PHP codes, but unable to validate date input.
<div class="field calendar"><input name="contact-arrival" type="date" placeholder="Arrival Date" id="contact-arrival" value="<?php if (isset($_POST['arrival']) && !empty($_POST['arrival'])) { echo $_POST['arrival']; } else { echo '';} ?>" readonly /><i class="fa fa-calendar-o"></i></div>
<div class="field calendar"><input name="contact-departure" type="date" placeholder="Departure Date" id="contact-departure" value="<?php if (isset($_POST['departure']) && !empty($_POST['departure'])) { echo $_POST['departure']; } else { echo '';} ?>" readonly /><i class="fa fa-calendar-o"></i></div>
