]> git.wh0rd.org Git - tt-rss.git/commitdiff
projects / tt-rss.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8e3f721)
fix escaping in viewfeed
authorAndrew Dolgov <fox@madoka.spb.ru>
Mon, 27 Mar 2006 03:14:35 +0000 (04:14 +0100)
committerAndrew Dolgov <fox@madoka.spb.ru>
Mon, 27 Mar 2006 03:14:35 +0000 (04:14 +0100)
backend.php patch | blob | history

diff --git a/backend.php b/backend.php
index fef7e9d611183b5379d9e3da9402442478b0f438..92f8739147b7aabc7045b0d943857741dad8e302 100644 (file)
--- a/backend.php
+++ b/backend.php
@@ -1098,12 +1098,12 @@
 
        if ($op == "viewfeed") {
 
-               $feed = $_GET["feed"];
-               $skip = $_GET["skip"];
-               $subop = $_GET["subop"];
-               $view_mode = $_GET["view"];
-               $limit = $_GET["limit"];
-               $cat_view = $_GET["cat"];
+               $feed = db_escape_string($_GET["feed"]);
+               $skip = db_escape_string($_GET["skip"]);
+               $subop = db_escape_string($_GET["subop"]);
+               $view_mode = db_escape_string($_GET["view"]);
+               $limit = db_escape_string($_GET["limit"]);
+               $cat_view = db_escape_string($_GET["cat"]);
 
                if (!$skip) $skip = 0;
 
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/