bug 1329 fixed: add a check_input_parameter function to prevent hacking

attempts.

git-svn-id: http://piwigo.org/svn/branches/2.0@4495 68402e56-0260-453c-a942-63ccdbb3a9ee

admin/element_set.php

@@ -39,6 +39,8 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 // +-----------------------------------------------------------------------+
 check_status(ACCESS_ADMINISTRATOR);
 
+check_input_parameter('selection', @$_POST['selection'], true, PATTERN_ID);
+
 // +-----------------------------------------------------------------------+
 // |                          caddie management                            |
 // +-----------------------------------------------------------------------+