diff options
| author | andi <andi@splitbrain.org> | 2005-04-06 19:31:08 +0200 |
|---|---|---|
| committer | andi <andi@splitbrain.org> | 2005-04-06 19:31:08 +0200 |
| commit | def3530d42728b132e4280503f1336abcab43a49 (patch) | |
| tree | 8748ff0c180827f8528058cd9201ec902f590668 | |
| parent | b7c441b9c8eb29ef42816cfb22e610389551e53a (diff) | |
| download | rpg-def3530d42728b132e4280503f1336abcab43a49.tar.gz rpg-def3530d42728b132e4280503f1336abcab43a49.tar.bz2 | |
auth_plain cleans userid on login #239
darcs-hash:20050406173108-9977f-f356f31f0d574ad1614e2098181cf03963f4eb80.gz
| -rw-r--r-- | inc/auth_plain.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/inc/auth_plain.php b/inc/auth_plain.php index 4213b8dcc..6ba3436c9 100644 --- a/inc/auth_plain.php +++ b/inc/auth_plain.php @@ -11,6 +11,9 @@ * @author Andreas Gohr <andi@splitbrain.org> */ +// we only accept page ids for auth_plain +if(isset($_REQUEST['u'])) + $_REQUEST['u'] = cleanID($_REQUEST['u']); /** * Check user+password [required auth function] |