AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-17 11:14:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added comment in pagination_head.php regarding issue #673

Browse Source
This commit is contained in:
johnnyq
2023-05-09 15:22:02 -04:00
parent 8d666abc40
commit 6f6ae476a9
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pagination_head.php
View File

@@ -50,11 +50,9 @@ if (isset($_GET['q'])) {
// Sortby // Sortby
if (!empty($_GET['sb'])) { if (!empty($_GET['sb'])) {
$sb = sanitizeInput(preg_replace('/[^a-z_]/', '', $_GET['sb'])); $sb = sanitizeInput(preg_replace('/[^a-z_]/', '', $_GET['sb'])); // JQ 2023-05-09 - See issue #673 on GitHub to see the reasoning why we used preg_replace technically sanitizeInput() should have been enough to escape SQL Commands
} }
//$sb = $_GET['sb'];
// Date Handling // Date Handling
if (empty($_GET['canned_date'])) { if (empty($_GET['canned_date'])) {
//Prevents lots of undefined variable errors. //Prevents lots of undefined variable errors.