bug 1391 fixed: prevent from SQL injection

git-svn-id: http://piwigo.org/svn/branches/2.0@4742 68402e56-0260-453c-a942-63ccdbb3a9ee
author: plegall <plg@piwigo.org> 2010-01-25 15:18:49 +0000
committer: plegall <plg@piwigo.org> 2010-01-25 15:18:49 +0000
commit: fb21d51aa219f96d2dc3780d352411df93450a34 (patch)
tree: c91ad55f8dbeba3a1c5f721a571ab31df118de40
parent: f7470e555dd4f2ee73c57794c26645fff4dd887f (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/feed.php b/feed.php
index bbd4956f5..4da7fb4fe 100644
--- a/feed.php
+++ b/feed.php
@@ -63,6 +63,8 @@ function ts_to_iso8601($ts)
 // |                            initialization                             |
 // +-----------------------------------------------------------------------+
 
+check_input_parameter('feed', $_GET['feed'], false, '/^[0-9a-z]{50}$/i');
+
 $feed_id= isset($_GET['feed']) ? $_GET['feed'] : '';
 $image_only=isset($_GET['image_only']);
author	plegall <plg@piwigo.org>	2010-01-25 15:18:49 +0000
committer	plegall <plg@piwigo.org>	2010-01-25 15:18:49 +0000
commit	fb21d51aa219f96d2dc3780d352411df93450a34 (patch)
tree	c91ad55f8dbeba3a1c5f721a571ab31df118de40
parent	f7470e555dd4f2ee73c57794c26645fff4dd887f (diff)