Skip to content
Permalink
Browse files

fixes #573, check $_GET['tab'] against hacking attempt

  • Loading branch information...
plegall committed Dec 19, 2016
1 parent 9dd9295 commit 4b33a0fd199fd445b15a49927ea6a9a153e3877d
Showing with 5 additions and 0 deletions.
  1. +5 −0 admin/languages.php
@@ -31,9 +31,14 @@
$my_base_url = get_root_url().'admin.php?page=languages';
if (isset($_GET['tab']))
{
check_input_parameter('tab', $_GET, false, '/^(installed|update|new)$/');
$page['tab'] = $_GET['tab'];
}
else
{
$page['tab'] = 'installed';
}
$tabsheet = new tabsheet();
$tabsheet->set_id('languages');

0 comments on commit 4b33a0f

Please sign in to comment.
You can’t perform that action at this time.