Get the IDs from $_REQUEST and check if they are numeric.

2004-03-15 20:39:12 +00:00
parent 6d3aa59508
commit 1c7384ae38
2 changed files with 17 additions and 0 deletions
--- a/appbrowse.php
+++ b/appbrowse.php
@@ -22,9 +22,17 @@ function admin_menu()
    $m->done();
 }

+$catId = $_REQUEST['catId'];
+
 if(!$catId)
    $catId = 0; // ROOT

+if( !is_numeric($catId) )
+{
+	errorpage("Something went wrong with the category ID");
+	exit;
+}
+
 // list sub categories
 $cat = new Category($catId);
 $catFullPath = make_cat_path($cat->getCategoryPath());
--- a/appview.php
+++ b/appview.php
@@ -231,6 +231,15 @@ function display_versions($appId, $versions)

 /* code to VIEW an application & versions */

+$appId = $_REQUEST['appId'];
+$versionId = $_REQUEST['versionId'];
+
+if(!is_numeric($appId))
+{
+	errorpage("Something went wrong with the IDs");
+	exit;
+}
+
 if($appId && !$versionId)
 {
 	$app = new Application($appId);