Update of /cvsroot/php-blog/serendipity
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8371
Modified Files:
comment.php serendipity_functions.inc.php
Log Message:
- Don't allow people to crap our URIs by inserting bogus IDs
Index: serendipity_functions.inc.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/serendipity_functions.inc.php,v
retrieving revision 1.419
retrieving revision 1.420
diff -u -d -r1.419 -r1.420
--- serendipity_functions.inc.php 9 Sep 2004 10:52:02 -0000 1.419
+++ serendipity_functions.inc.php 13 Sep 2004 20:06:26 -0000 1.420
@@ -2458,7 +2458,7 @@
function serendipity_archiveURL($id, $title, $key = 'baseURL', $checkrewrite = true) {
global $serendipity;
- return $serendipity[$key] . ($checkrewrite && $serendipity['rewrite'] == 'none' ? $serendipity['indexFile'] . '?/' : '') . PATH_ARCHIVES . '/' . $id . '-' . serendipity_makeFilename($title) . '.html';
+ return $serendipity[$key] . ($checkrewrite && $serendipity['rewrite'] == 'none' ? $serendipity['indexFile'] . '?/' : '') . PATH_ARCHIVES . '/' . (int)$id . '-' . serendipity_makeFilename($title) . '.html';
}
/**
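Review bot: The `(int)$id` cast in the return line of serendipity_archiveURL coerces rather than validates, so a non-numeric or missing id silently becomes `0` and the function still emits a well-formed link to `0-<title>.html`. The cast does keep markup and query syntax out of the id segment, but callers get no signal that the id was bogus. I would state that contract on the function, e.g. `// $id is coerced to int; non-numeric input yields 0, so callers must check that the entry exists`. Whether the title segment is safe depends on serendipity_makeFilename, which is not visible in this hunk.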
Index: comment.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/comment.php,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -d -r1.45 -r1.46
--- comment.php 13 Sep 2004 19:53:11 -0000 1.45
+++ comment.php 13 Sep 2004 20:06:26 -0000 1.46
@@ -106,7 +106,7 @@
} else if (!isset($serendipity['POST']['submit'])) {
echo $html_header;
if ($serendipity['GET']['type'] == 'trackbacks') {
- $tbu = $serendipity['baseURL'] . 'comment.php?type=trackback&entry_id=' . $serendipity['GET']['entry_id'];
+ $tbu = $serendipity['baseURL'] . 'comment.php?type=trackback&entry_id=' . (int)$serendipity['GET']['entry_id'];
$query = "SELECT title FROM {$serendipity['dbPrefix']}entries WHERE id = '". (int)$serendipity['GET']['entry_id'] ."'";
$entry = serendipity_db_query($query);
$entry = serendipity_archiveURL($serendipity['GET']['entry_id'], $entry[0]['title'], 'baseURL');
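Review bot: The query result is used unchecked in the last line of the hunk: `$entry[0]['title']` is read without confirming that serendipity_db_query returned a row, and with the new cast a bogus `entry_id` becomes `0`, which presumably matches no entry. The id is also cast separately at each use, while the call to serendipity_archiveURL still receives the raw GET value and relies on the callee's cast. Normalising once with `$entry_id = (int)$serendipity['GET']['entry_id'];` and using `$entry_id` in `$tbu`, the query and the call would keep a later use from missing the cast. A guard such as `if (!is_array($entry) || !isset($entry[0]['title'])) { /* report unknown entry */ }` before building the link would cover the empty result. The enclosing branch starts and ends outside the hunk, so how `$tbu` is escaped when it is printed cannot be checked from here.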