Patch included -- __ .Ž `. [EMAIL PROTECTED] : :' ! ---------------- `. `Ž gpg: B345BDD3 `- Please don't cc, I'm subscribed to the list
--- php/file/file_overview.php 2005-08-19 10:34:09.979785856 +0100
+++ php/file/file_overview.php 2005-08-19 10:35:09.305340062 +0100
@@ -114,7 +114,7 @@
$this->q = "SELECT * FROM ". $this->dbconn->prefix ."files";
$pre = " WHERE " ;
- if ( isset($_GET['link_id']) ) {
+ if ( isset($_GET['link_id']) && is_numeric($_GET['link_id']) ) {
$this->q .= $pre . " link_id = ". $_GET['link_id'];
$pre = " AND " ;
$this->link1 = addUrlParameter($this->link1,"link_id=".
$_GET['link_id']);
--- php/app_new.php 2005-08-19 10:33:35.701361397 +0100
+++ php/app_new.php 2005-08-19 10:33:16.467038472 +0100
@@ -255,7 +255,7 @@
} else {
$this->name = $lang['AppointCreate'];
/* New event */
- if (isset($_GET['t'])) {
+ if (isset($_GET['t']) && is_numeric($_GET['t'])) {
$this->obj->start->setDateTime($_GET['t']);
$this->obj->end->setDateTime($_GET['t']);
}
signature.asc
Description: Digital signature
