From f516626a293edd613cb823db88e36dcf7e1fb8f4 Mon Sep 17 00:00:00 2001
From: Dries Buytaert
Date: Wed, 7 Mar 2001 21:29:40 +0000
Subject: A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
---
 modules/faq.module | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'modules/faq.module')
diff --git a/modules/faq.module b/modules/faq.module
index 63a40addc..283b8e563 100644
--- a/modules/faq.module
+++ b/modules/faq.module
@@ -106,18 +106,18 @@ function faq_admin() {
 faq_add();
 break;
 case "delete":
- faq_delete($id);
+ faq_delete(check_input($id));
 faq_display();
 break;
 case "edit":
- faq_edit($id);
+ faq_edit(check_input($id));
 break;
 case "Add FAQ":
 faq_add_save($edit);
 faq_display();
 break;
 case "Save FAQ":
- faq_edit_save($id, $edit);
+ faq_edit_save(check_input($id), $edit);
 // fall through:
 default:
 faq_display();
--
cgit v1.2.3
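Review bot: The three changed calls in faq_admin() wrap `$id` in `check_input()`, whose definition is not visible in this hunk; if it is a string-escaping filter, it would not by itself protect an `$id` that is placed unquoted in a numeric SQL context, which is the case the commit message's `;DROP TABLE` example describes. Since `$id` looks like a row identifier, I would cast it instead, e.g. `faq_delete((int) $id);`, and preferably enforce that inside faq_delete(), faq_edit() and faq_edit_save() where the query is built, so that any other caller is covered as well. `$edit` still reaches `faq_add_save($edit)` and `faq_edit_save(..., $edit)` unfiltered at this level, so it is worth confirming that those functions escape every field before building their queries. faq_admin()'s body starts and ends outside the hunk.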