Patch included -- __ .Ž `. [EMAIL PROTECTED] : :' ! ---------------- `. `Ž gpg: B345BDD3 `- Please don't cc, I'm subscribed to the list
--- php/file/file_overview.php 2005-08-19 10:34:09.979785856 +0100 +++ php/file/file_overview.php 2005-08-19 10:35:09.305340062 +0100 @@ -114,7 +114,7 @@ $this->q = "SELECT * FROM ". $this->dbconn->prefix ."files"; $pre = " WHERE " ;
- if ( isset($_GET['link_id']) ) { + if ( isset($_GET['link_id']) && is_numeric($_GET['link_id']) ) { $this->q .= $pre . " link_id = ". $_GET['link_id']; $pre = " AND " ; $this->link1 = addUrlParameter($this->link1,"link_id=". $_GET['link_id']); --- php/app_new.php 2005-08-19 10:33:35.701361397 +0100 +++ php/app_new.php 2005-08-19 10:33:16.467038472 +0100 @@ -255,7 +255,7 @@ } else { $this->name = $lang['AppointCreate']; /* New event */ - if (isset($_GET['t'])) { + if (isset($_GET['t']) && is_numeric($_GET['t'])) { $this->obj->start->setDateTime($_GET['t']); $this->obj->end->setDateTime($_GET['t']); }
signature.asc
Description: Digital signature