Skip to content
Permalink
Browse files Browse the repository at this point in the history
fixes #573, check $_GET['tab'] against hacking attempt
  • Loading branch information
plegall committed Dec 19, 2016
1 parent 9dd9295 commit 4b33a0f
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions admin/languages.php
Expand Up @@ -31,9 +31,14 @@
$my_base_url = get_root_url().'admin.php?page=languages';

if (isset($_GET['tab']))
{
check_input_parameter('tab', $_GET, false, '/^(installed|update|new)$/');
$page['tab'] = $_GET['tab'];
}
else
{
$page['tab'] = 'installed';
}

$tabsheet = new tabsheet();
$tabsheet->set_id('languages');
Expand Down

0 comments on commit 4b33a0f

Please sign in to comment.