From 98a39fee72f14d8280feaa29f3b7dc6ffebc8cc8 Mon Sep 17 00:00:00 2001
From: modus75
Date: Mon, 25 Sep 2017 21:43:31 +0200
Subject: [PATCH] better check on input parameters (got some odd hack attempts)
---
 comments.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/comments.php b/comments.php
index 7b05249e8..d7f0fd3c4 100644
--- a/comments.php
+++ b/comments.php
@@ -91,9 +91,9 @@ $since_options = array(
 trigger_notify('loc_begin_comments');
-if (!empty($_GET['since']) && is_numeric($_GET['since']))
+if (!empty($_GET['since']))
 {
- $page['since'] = $_GET['since'];
+ $page['since'] = intval($_GET['since']);
 }
 else
 {
@@ -363,9 +363,9 @@ $template->assign( 'item_number_options_selected', $page['items_number']);
 // | navigation bar |
 // +-----------------------------------------------------------------------+
-if (isset($_GET['start']) and is_numeric($_GET['start']))
+if (isset($_GET['start']))
 {
- $start = $_GET['start'];
+ $start = intval($_GET['start']);
 }
 else
 {
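Review bot: Dropping the `is_numeric()` guard from the `since` test means a non-numeric or array-valued parameter no longer falls through to the `else` default: `intval('abc')` yields 0 and `intval()` of a non-empty array yields 1, so the request ends up with an unintended value instead of the default. The same applies to `start` in the second hunk. Keeping the guard next to the new cast closes both cases, i.e. `if (!empty($_GET['since']) && is_numeric($_GET['since']))` followed by `$page['since'] = intval($_GET['since']);`. If `$page['since']` is later used as a key into `$since_options` (named in the hunk header; the use is not visible here), an `isset($since_options[$page['since']])` check before accepting it would also be worth adding. The `else` body continues outside the hunk.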
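Review bot: `intval($_GET['start'])` accepts negative input, so `?start=-5` leaves `$start` at -5 and nothing in this hunk bounds it. The surrounding comment suggests this is a navigation-bar offset, and if it reaches an SQL `LIMIT`/`OFFSET` or an array slice (not visible here) a negative value would likely produce a query error or an odd page rather than the first page. Clamping at the assignment is enough: `$start = max(0, intval($_GET['start']));`. The `else` body continues outside the hunk.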