Changeset 17384


Ignore:
Timestamp:
2008/06/30 13:57:32 (13 years ago)
Author:
satou
Message:

#315 商品一覧の脆弱性対策を施しました。

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/version-2/data/class/pages/products/LC_Page_Products_List.php

    r17327 r17384  
    608608        $classcategory_id_2 = $classcategory_id . "_2"; 
    609609        if (!isset($classcategory_id_2)) $classcategory_id_2 = ""; 
    610         if (!isset($_POST[$classcategory_id_2])) $_POST[$classcategory_id_2] = ""; 
     610        if (!isset($_POST[$classcategory_id_2]) || !is_numeric($_POST[$classcategory_id_2])) $_POST[$classcategory_id_2] = ""; 
    611611 
    612612        $this->tpl_onload .= "lnSetSelect('" . $classcategory_id ."_1', " 
Note: See TracChangeset for help on using the changeset viewer.