--- a/index.php Sun Apr 12 19:24:33 2009 -0400
+++ b/index.php Sun Apr 12 19:25:07 2009 -0400
@@ -537,9 +537,18 @@
$template->header();
$id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
$id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
- if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; }
- if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) ||
- !preg_match('#^([0-9]+)$#', (string)$_GET['diff2'] )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; }
+ if ( !$id1 || !$id2 )
+ {
+ echo '<p>Invalid request.</p>';
+ $template->footer();
+ break;
+ }
+ if ( !ctype_digit($_GET['diff1']) || !ctype_digit($_GET['diff1']) )
+ {
+ echo '<p>SQL injection attempt</p>';
+ $template->footer();
+ break;
+ }
echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2);
$template->footer();
break;
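Review bot: The new `ctype_digit` guard checks `$_GET['diff1']` twice and never looks at `$_GET['diff2']`, so the second parameter is not validated the way the replaced `preg_match` pair validated both; the line should read `if ( !ctype_digit($_GET['diff1']) || !ctype_digit($_GET['diff2']) )`. Because `$id2` is already `(int)`-cast on the line above and that cast value is what is passed to `PageUtils::pagediff`, this appears to be a defense-in-depth check rather than the only barrier, but as written it silently accepts a non-numeric `diff2` and the "SQL injection attempt" branch can never fire for it. Note that `ctype_digit` on an empty string returns false, which the preceding `!$id1 || !$id2` test already covers via the `(int)` cast yielding 0. The enclosing `switch` case that these `break` statements belong to starts outside the hunk.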