From 258641c6f7e2489c78367a0a864b000f2935fefa Mon Sep 17 00:00:00 2001
From: andi
Date: Tue, 1 Mar 2005 19:16:38 +0100
Subject: revison sanitizing

darcs-hash:20050301181638-9977f-212463af48be9fb6c4e2f9e738f3eb57878c30f7.gz
---
 doku.php | 3 +++
 inc/common.php | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/doku.php b/doku.php
index 0d6c823ef..5d706ab2e 100644
--- a/doku.php
+++ b/doku.php
@@ -36,6 +36,9 @@
 $SUF = cleanText($_POST['suffix']);
 $SUM = $_REQUEST['summary'];
 
+ //sanitize revision
+ $REV = preg_replace('/[^0-9]/','',$REV);
+
 //we accept the do param as HTTP header, too:
 if(!empty($_SERVER['HTTP_X_DOKUWIKI_DO'])){
 $ACT = trim(strtolower($_SERVER['HTTP_X_DOKUWIKI_DO']));
diff --git a/inc/common.php b/inc/common.php
index 24e9583f3..b06896f4d 100644
--- a/inc/common.php
+++ b/inc/common.php
@@ -648,6 +648,9 @@ function getRecents($num=0,$incdel=false){
 */
 function getRevisionInfo($id,$rev){
 global $conf;
+
+ if(!$rev) return(null);
+
 $info = array();
 if(!@is_readable($conf['changelog'])){
 msg($conf['changelog'].' is not readable',-1);
-- 
cgit v1.2.3
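Review bot: The added `preg_replace` on `$REV` in doku.php does not guarantee a string. If `$REV` is taken from the request (its assignment is above this hunk and not visible) and the client sends `rev` as an array, `preg_replace` returns an array and `$REV` stays one. It also strips rather than rejects, so a value such as `12abc` silently resolves to revision `12`; consider `$REV = is_array($REV) ? '' : preg_replace('/[^0-9]/','',$REV);` and treating a value that changed under filtering as invalid. The context line `$SUM = $_REQUEST['summary'];` just above is still assigned unfiltered, so confirm it is escaped wherever it is stored or rendered.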
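Review bot: The new guard at the top of `getRevisionInfo` rejects only an empty `$rev`. The digit filter lives in doku.php, so any other caller that passes a request value straight in would still reach the changelog lookup with unvalidated input. Checking at the function boundary as well, e.g. `if(!$rev || !ctype_digit((string)$rev)) return(null);`, keeps the function safe regardless of entry point. The docblock (it starts outside this hunk) should also state that null is returned for an empty revision, because callers that index the result must now handle that case. The function body continues past the end of the hunk, so how `$rev` is matched against the changelog is not visible here.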