Revision 0e6cf71b
Added by Renato Botelho over 11 years ago
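--- a/usr/local/www/firewall_aliases_edit.php
+++ b/usr/local/www/firewall_aliases_edit.php
@@ -92,8 +92,9 @@
 return true;
 }
 
-$id = $_GET['id'];
-if (isset($_POST['id']))
+if (is_numericint($_GET['id']))
+$id = $_GET['id'];
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 $id = $_POST['id'];
 
 if (isset($id) && $a_aliases[$id]) {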
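Review bot: The GET branch on new line 95 reads `$_GET['id']` without an isset() guard, while the POST branch on new line 97 has one, so a request with no `id` parameter still raises an undefined-index notice and hands null to is_numericint(), which is defined outside this hunk. I would write `if (isset($_GET['id']) && is_numericint($_GET['id']))` so both request sources are validated the same way. The new check constrains the format of the value but not its range, so the context line `if (isset($id) && $a_aliases[$id])` is still reached with any integer id; `isset($a_aliases[$id])` there would avoid indexing an entry that does not exist. After this change `$id` stays unset when the parameter is rejected, so code further down the file, outside this hunk, has to keep testing `isset($id)` before using it.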
Improve checks for params 'id', 'dup' and other similar ones to make sure they are numeric integer, also, pass them through htmlspecialchars() before print