From e9456af9d5f22bbbf6e45e0121661564115f0092 Mon Sep 17 00:00:00 2001 From: Chris Morgan Date: Fri, 7 Jul 2006 19:23:58 +0000 Subject: [PATCH] application::display() should use the class internal iAppId instead of any $_REQUEST data --- include/application.php | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/include/application.php b/include/application.php index de8e232..9ef9b71 100644 --- a/include/application.php +++ b/include/application.php @@ -514,10 +514,6 @@ class Application { /* display this application */ function display() { - $aClean = array(); //array of filtered user input - - $aClean['iAppId'] = makeSafe($_REQUEST['iAppId']); - /* is this user supposed to view this version? */ if(!$_SESSION['current']->canViewApplication($this)) util_show_error_page_and_exit("Something went wrong with the application or version id"); @@ -557,7 +553,7 @@ class Application { // optional links $result = query_parameters("SELECT * FROM appData WHERE appId = '?' AND versionID = 0 AND type = 'url'", - $aClean['iAppId']); + $this->iAppId); if($result && mysql_num_rows($result) > 0) { echo " Links\n"; @@ -614,7 +610,7 @@ class Application { if($_SESSION['current']->isSuperMaintainer($this->iAppId) || $_SESSION['current']->hasPriv("admin")) { - echo '
'; + echo '
'; } if($_SESSION['current']->isLoggedIn()) {