[Linpha-cvs] linpha new_images.php,1.30,1.31
From: bzrudi <bz...@us...> - 2008-04-14 10:07:33
Update of /cvsroot/linpha/linpha In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21811 Modified Files: new_images.php Log Message: fixed possible XSS (see LinPHA Bugs item #1939188) Index: new_images.php =================================================================== RCS file: /cvsroot/linpha/linpha/new_images.php,v retrieving revision 1.30 retrieving revision 1.31 diff -C2 -d -r1.30 -r1.31 *** new_images.php 29 Sep 2005 20:15:51 -0000 1.30 --- new_images.php 14 Apr 2008 10:07:25 -0000 1.31 *************** *** 32,35 **** --- 32,47 ---- } + /* + * XSS check + */ + if(isset($_GET['pn']) || isset($_GET['order'])) + { + $numeric_test = array('pn'); + xss_security_check($numeric_test, 'int'); + + $string_test = array('order'); + xss_security_check($string_test, 'string'); + } + include_once(TOP_DIR.'/include/img_view.class.php'); $img_view = new ImgView(); |
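Review bot: the `order` check in the added block, `xss_security_check($string_test, 'string');`, validates the parameter only as a generic string, and nothing in the visible lines shows what the 'string' mode rejects. If `order` only ever takes a fixed set of sort values, comparing it against an explicit allowlist would be tighter and easier to audit than a type-level filter. The guard `if(isset($_GET['pn']) || isset($_GET['order']))` looks at `$_GET` only, so please confirm that the rest of new_images.php reads `pn` and `order` from `$_GET` alone and not from `$_REQUEST` or `$_POST`, since otherwise the values reach the page without passing through this block. The comment `XSS check` could also name Bugs item #1939188 so the validation stays tied to the report.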