merge r6909 from branch 2.1 to trunk

bug 1850 fixed: strong check of $_GET['cat'] git-svn-id: http://piwigo.org/svn/trunk@6910 68402e56-0260-453c-a942-63ccdbb3a9ee
2026-03-28 17:42:57 +01:00 · 2010-09-13 21:10:51 +00:00
parent a8b34d3598
commit 9ab609438f
1 changed files with 2 additions and 0 deletions
--- a/comments.php
+++ b/comments.php
@@ -104,6 +104,8 @@ $page['where_clauses'] = array();
 // which category to filter on ?
 if (isset($_GET['cat']) and 0 != $_GET['cat'])
 {
+  check_input_parameter('cat', $_GET, false, PATTERN_ID);
+  
  $page['where_clauses'][] =
    'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
 }