Revision 656
Added by thorn almost 17 years ago
index.php | ||
---|---|---|
51 | 51 |
unset($template); |
52 | 52 |
|
53 | 53 |
//Get the referrer page ID if it exists |
54 |
if(isset($_REQUEST['referrer']) && intval($_REQUEST['referrer']) > 0) { |
|
54 |
if(isset($_REQUEST['referrer']) && is_numeric($_REQUEST['referrer']) && intval($_REQUEST['referrer']) > 0) {
|
|
55 | 55 |
define('REFERRER_ID', intval($_REQUEST['referrer'])); |
56 | 56 |
} else { |
57 | 57 |
define('REFERRER_ID', 0); |
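Review bot: `is_numeric()` on the new line 54 is looser than a page ID needs, because it also accepts values such as `1e3`, `5.9`, or a signed or whitespace-prefixed number, which `intval()` then converts or truncates. The constant is always built from `intval()`, so the stored value stays an integer, but several different request strings end up mapping to the same REFERRER_ID. A digits-only test makes the accepted input canonical, e.g. `if(isset($_REQUEST['referrer']) && is_string($_REQUEST['referrer']) && ctype_digit($_REQUEST['referrer']) && intval($_REQUEST['referrer']) > 0) {`. `$_REQUEST` can also carry cookie values depending on the PHP configuration, so reading the ID from `$_GET`/`$_POST` explicitly would narrow where it can come from. The if/else continues past the end of the hunk.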
Added some missing add_slashes(), get_post_escaped(), and strip_tags() for $_POST, $_GET and $_REQUEST-data. Also for $_SERVER['PHP_SELF'].