authorplegall <plg@piwigo.org>2010-01-25 15:19:17 +0000
committerplegall <plg@piwigo.org>2010-01-25 15:19:17 +0000
commit24d725c9eb7a832ad7f515fa5418e0813ea6a9ba (patch)
treef91858e79e608d80c83f015a2afddf4dafeeffb7
parent4cc6d4172ecb82cba40dff2c63a91580646a647f (diff)
merge r4742 from branch 2.0 to trunk
bug 1391 fixed: prevent SQL injection git-svn-id: http://piwigo.org/svn/trunk@4743 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--feed.php2
1 files changed, 2 insertions, 0 deletions
diff --git a/feed.php b/feed.php
index 229f1156c..5d015c573 100644
--- a/feed.php
+++ b/feed.php
@@ -63,6 +63,8 @@ function ts_to_iso8601($ts)
// | initialization |
// +-----------------------------------------------------------------------+
+check_input_parameter('feed', $_GET['feed'], false, '/^[0-9a-z]{50}$/i');
+
$feed_id= isset($_GET['feed']) ? $_GET['feed'] : '';
$image_only=isset($_GET['image_only']);
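Review bot: The added `check_input_parameter` call reads `$_GET['feed']` unconditionally, while the very next line still guards the same key with `isset()`, so a request without `feed` reaches the validator with an undefined index; how the helper treats that missing value is not visible in this hunk and should be confirmed, or the call wrapped in `if (isset($_GET['feed'])) { ... }`. Separately, the pattern ends in `$` without the `D` modifier, which in PCRE also matches just before a trailing newline, so a 50-character value followed by `\n` would pass; `'/^[0-9a-z]{50}\z/i'` pins the end of the string exactly. A one-line comment such as `// feed ids are 50 alphanumeric chars; reject anything else before it reaches a query` would record why the check sits here. The initialization section continues outside the hunk, so where `$feed_id` is later used in SQL cannot be verified from these lines.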