Update of /cvsroot/comoblog/comoblog
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4264
Modified Files:
img.php
Log Message:
Fix an XSS
Index: img.php
===================================================================
RCS file: /cvsroot/comoblog/comoblog/img.php,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -d -r1.1.1.1 -r1.2
--- img.php 16 Aug 2005 05:49:43 -0000 1.1.1.1
+++ img.php 29 Mar 2006 04:36:04 -0000 1.2
@@ -1,5 +1,7 @@
<?php
-$img_name = $_GET['i'];
+require_once ("include/config.inc.php");
+
+$img_name = clean_up_html($_GET['i']);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
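Review bot: Whether `clean_up_html($_GET['i'])` actually closes the XSS depends on where `$img_name` is printed, which is outside this hunk, and on what `clean_up_html()` does, which is not shown here (presumably it comes from the newly required `include/config.inc.php`). If the value ends up inside an attribute such as `<img src="...">`, a filter that only strips tags would leave quote characters intact, so I would escape at the point of output with `htmlspecialchars($img_name, ENT_QUOTES)` rather than rely on input-time cleaning alone. The parameter is also read without checking that it is present and is a string; `$img_name = (isset($_GET['i']) && is_string($_GET['i'])) ? clean_up_html($_GET['i']) : '';` would cover both cases. A one-line comment above the assignment naming the output context the cleaning is meant for would help the next reader.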