]> gitweb.fluxo.info Git - lorea/elgg.git/commitdiff
projects / lorea / elgg.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bb48475)
Sanitise int on the offset.
authorbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Tue, 6 Apr 2010 15:12:02 +0000 (15:12 +0000)
committerbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Tue, 6 Apr 2010 15:12:02 +0000 (15:12 +0000)
git-svn-id: http://code.elgg.org/elgg/trunk@5634 36083f99-b078-4883-b0ff-0f9b5a30f544

engine/lib/elgglib.php patch | blob | history

diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 8f383904dd3642dcc20ed70e372c5d2ee988159e..b9c4b09982aa15f7407cbb7f324e8857fe8ee389 100644 (file)
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -747,7 +747,7 @@ function elgg_view_entity_list($entities, $count, $offset, $limit, $fullview = t
        
        // do not require views to explicitly pass in the offset
        if (!$offset = (int) $offset) {
-               $offset = get_input('offset', 0);
+               $offset = sanitise_int(get_input('offset', 0));
        }
 
        $context = get_context();
@@ -3003,4 +3003,4 @@ register_elgg_event_handler('init', 'system', 'elgg_init');
 register_elgg_event_handler('boot', 'system', 'elgg_boot', 1000);
 register_plugin_hook('unit_test', 'system', 'elgg_api_test');
 
-register_elgg_event_handler('init', 'system', 'add_custom_menu_items', 1000);
\ No newline at end of file
+register_elgg_event_handler('init', 'system', 'add_custom_menu_items', 1000);
Social Networking Engine