Security

• Addressed a potential security vulnerability related to the ajax_change_month function; we now ensure only valid dates get $_POSTed (thanks to Mikko Verenius for reporting this to us!)