From 9cd30721df336c149601ee07210dc1a553ce586d Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.spb.ru>
Date: Mon, 22 May 2006 06:13:44 +0100
Subject: [PATCH] security fixes in filter editor

---
 backend.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/backend.php b/backend.php
index dd94a93b..2ffbea3d 100644
--- a/backend.php
+++ b/backend.php
@@ -2099,7 +2099,7 @@
 			$filter_id = db_escape_string($_GET["id"]);
 
 			$result = db_query($link, 
-				"SELECT * FROM ttrss_filters WHERE id = '$filter_id'");
+				"SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
 
 			$reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
 			$filter_type = db_fetch_result($result, 0, "filter_type");
@@ -2199,7 +2199,7 @@
 					feed_id = $feed_id,
 					action_id = '$action_id',
 					filter_type = '$filter_type'
-				WHERE id = '$filter_id'");
+				WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
 		}
 
 		if ($subop == "remove") {
@@ -2209,7 +2209,7 @@
 				$ids = split(",", db_escape_string($_GET["ids"]));
 
 				foreach ($ids as $id) {
-					db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
+					db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
 					
 				}
 			}
-- 
2.39.5