From 3c81ae1aecd6b57847065bd741fa9cd3613dc983 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.spb.ru>
Date: Mon, 27 Mar 2006 04:14:35 +0100
Subject: [PATCH] fix escaping in viewfeed

---
 backend.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/backend.php b/backend.php
index fef7e9d6..92f87391 100644
--- a/backend.php
+++ b/backend.php
@@ -1098,12 +1098,12 @@
 
 	if ($op == "viewfeed") {
 
-		$feed = $_GET["feed"];
-		$skip = $_GET["skip"];
-		$subop = $_GET["subop"];
-		$view_mode = $_GET["view"];
-		$limit = $_GET["limit"];
-		$cat_view = $_GET["cat"];
+		$feed = db_escape_string($_GET["feed"]);
+		$skip = db_escape_string($_GET["skip"]);
+		$subop = db_escape_string($_GET["subop"]);
+		$view_mode = db_escape_string($_GET["view"]);
+		$limit = db_escape_string($_GET["limit"]);
+		$cat_view = db_escape_string($_GET["cat"]);
 
 		if (!$skip) $skip = 0;
 
-- 
2.39.5