diff options
| -rw-r--r-- | inc/auth_plain.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/inc/auth_plain.php b/inc/auth_plain.php index 4213b8dcc..6ba3436c9 100644 --- a/inc/auth_plain.php +++ b/inc/auth_plain.php @@ -11,6 +11,9 @@ * @author Andreas Gohr <andi@splitbrain.org> */ +// we only accept page ids for auth_plain +if(isset($_REQUEST['u'])) + $_REQUEST['u'] = cleanID($_REQUEST['u']); /** * Check user+password [required auth function] |