Changeset:
83b31ab4154f
https://sourceforge.net/p/mrbs/hg-code/ci/83b31ab4154fddbc4ff512eee551d0aadad2d3f3
Author:
Campbell Morrison <[email protected]>
Date:
Sun Mar 19 20:51:35 2017 +0000
Log message:
Restricted passing of id parameter to del_entry to POST.
diffstat:
web/del_entry.php | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diffs (18 lines):
diff -r 8fed4546ccfe -r 83b31ab4154f web/del_entry.php
--- a/web/del_entry.php Sun Mar 19 20:36:58 2017 +0000
+++ b/web/del_entry.php Sun Mar 19 20:51:35 2017 +0000
@@ -12,10 +12,10 @@
require_once "mrbs_sql.inc";
// Get non-standard form variables
-$id = get_form_var('id', 'int');
-$series = get_form_var('series', 'int');
-$returl = get_form_var('returl', 'string');
-$action = get_form_var('action', 'string');
+$id = get_form_var('id', 'int', null, INPUT_POST);
+$series = get_form_var('series', 'int', null, INPUT_POST);
+$returl = get_form_var('returl', 'string', null, INPUT_POST);
+$action = get_form_var('action', 'string', null, INPUT_POST);
$note = get_form_var('note', 'string', '');
// Check the user is authorised for this page
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
