Improved parameter checking

This commit is contained in:
root 2008-09-03 16:12:30 +00:00
parent 41bba82d32
commit 88afbe8b1d

View file

@ -16,8 +16,8 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
$certid = intval($_SESSION['_config']['cert']);
$query = "select * from `gpg` where `id`='$certid' and `memid`='".$_SESSION[profile][id]."'";
$certid = intval($_REQUEST['cert']);
$query = "select * from `gpg` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
@ -29,5 +29,5 @@
?>
<h3><?=_("Below is your OpenPGP key")?></h3>
<pre>
<? readfile($row[crt]); ?>
<? readfile($row['crt']); ?>
</pre>