Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity

- user web: fix a security vulnerability

This commit is contained in:
David Anderson 2013-01-07 23:33:22 -08:00 committed by Oliver Bock
parent 41af56d679
commit 6e205de096
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
html/user/team_search.php
View File

@ -149,7 +149,6 @@ function search($params) {
$tried = true; $tried = true;
} }
if ($params->type and $params->type>1) { if ($params->type and $params->type>1) {
$type = BoincDb::escape_string($params->type);
$list2 = get_teams("type=$type", $params->active); $list2 = get_teams("type=$type", $params->active);
//echo "<br>type matches: ",sizeof($list2); //echo "<br>type matches: ",sizeof($list2);
merge_lists($list2, $list, 2); merge_lists($list2, $list, 2);
@ -169,7 +168,7 @@ if ($submit || $xml) {
$params = null; $params = null;
$params->keywords = get_str('keywords', true); $params->keywords = get_str('keywords', true);
$params->country = get_str("country", true); $params->country = get_str("country", true);
$params->type = get_str("type", true); $params->type = get_int("type", true);
$params->active = get_str('active', true); $params->active = get_str('active', true);
$list = search($params); $list = search($params);
if ($xml) { if ($xml) {