From: Andrew Dolgov <fox@madoka.spb.ru>
Date: Mon, 27 Mar 2006 03:14:35 +0000 (+0100)
Subject: fix escaping in viewfeed
X-Git-Tag: 1.1.5~41
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=3c81ae1aecd6b57847065bd741fa9cd3613dc983;p=tt-rss.git

fix escaping in viewfeed
---

diff --git a/backend.php b/backend.php
index fef7e9d6..92f87391 100644
--- a/backend.php
+++ b/backend.php
@@ -1098,12 +1098,12 @@
 
 	if ($op == "viewfeed") {
 
-		$feed = $_GET["feed"];
-		$skip = $_GET["skip"];
-		$subop = $_GET["subop"];
-		$view_mode = $_GET["view"];
-		$limit = $_GET["limit"];
-		$cat_view = $_GET["cat"];
+		$feed = db_escape_string($_GET["feed"]);
+		$skip = db_escape_string($_GET["skip"]);
+		$subop = db_escape_string($_GET["subop"]);
+		$view_mode = db_escape_string($_GET["view"]);
+		$limit = db_escape_string($_GET["limit"]);
+		$cat_view = db_escape_string($_GET["cat"]);
 
 		if (!$skip) $skip = 0;