archive/piwigo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

bug 1850 fixed: strong check of $_GET['cat']

Browse source 
git-svn-id: http://piwigo.org/svn/branches/2.1@6909 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
plegall 2010-09-13 21:10:27 +00:00
parent 4a28e4dfcd
commit faa88d61bd
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
comments.php
View file

@ -104,6 +104,8 @@ $page['where_clauses'] = array();
// which category to filter on ? // which category to filter on ?
if (isset($_GET['cat']) and 0 != $_GET['cat']) if (isset($_GET['cat']) and 0 != $_GET['cat'])
{ {
check_input_parameter('cat', $_GET, false, PATTERN_ID);
$page['where_clauses'][] = $page['where_clauses'][] =
'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')'; 'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
} }