From 1e66c8696049801654aa055ae60d21dc09597083 Mon Sep 17 00:00:00 2001
From: Bushstar
Date: Wed, 26 Mar 2014 12:40:55 +0000
Subject: [PATCH] Fix XSS bug To test use the following on browse.php. I used Firefox to test without any anti script software. browse.php?id=1&PAGE=3'%22()%26%25prompt(984815)
---
 browse.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/browse.php b/browse.php
index a560a83f..cc3253f6 100644
--- a/browse.php
+++ b/browse.php
@@ -182,7 +182,7 @@
 }
 else
 {
- $PAGE = $_REQUEST['PAGE'];
+ $PAGE = intval($_REQUEST['PAGE']);
 $OFFSET = ($PAGE - 1) * $system->SETTINGS['perpage'];
 }
 $PAGES = ceil($TOTALAUCTIONS / $system->SETTINGS['perpage']);
@@ -235,4 +235,4 @@
 ));
 $template->display('body');
 include 'footer.php';
-?>
\ No newline at end of file
+?>
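Review bot: `intval()` on the `$PAGE` line strips the markup from the reflected value, but it still lets `0` and negative numbers through (a non-numeric `PAGE` becomes `0`), so `$OFFSET` on the following line can go negative; `$PAGE = max(1, intval($_REQUEST['PAGE']));` would clamp it. Whether a negative offset ever reaches a query cannot be told from here, because the `if` branch that precedes this `else` and every later use of `$OFFSET` lie outside the hunk. The coercion also repairs only this one input: if the template that prints the page number does not escape on output, other request parameters written into the same page would presumably need the same treatment, so the output side is worth checking too.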