lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-23 11:27:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

recover some $_GET & $POST variable keep be integer

Browse Source
This commit is contained in:
xiaomlove
2021-01-06 00:56:13 +08:00
parent 47ba5397a3
commit a968b5855c
24 changed files with 102 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files
comment.php
+6 -6
View File
@@ -34,7 +34,7 @@ if ($action == "add")
}
}
$parent_id = $_POST["pid"] ?? 0;
$parent_id = intval($_POST["pid"] ?? 0);
int_check($parent_id,true);
if($type == "torrent")
@@ -105,12 +105,12 @@ if ($action == "add")
die;
}
$parent_id = $_GET["pid"] ?? 0;
$parent_id = intval($_GET["pid"] ?? 0);
int_check($parent_id,true);
if($sub == "quote")
{
$commentid = $_GET["cid"] ?? 0;
$commentid = intval($_GET["cid"] ?? 0);
int_check($commentid,true);
$res2 = sql_query("SELECT comments.text, users.username FROM comments JOIN users ON comments.user = users.id WHERE comments.id=$commentid") or sqlerr(__FILE__, __LINE__);
@@ -151,7 +151,7 @@ if ($action == "add")
}
elseif ($action == "edit")
{
$commentid = $_GET["cid"] ?? 0;
$commentid = intval($_GET["cid"] ?? 0);
int_check($commentid,true);
if($type == "torrent")
@@ -211,7 +211,7 @@ elseif ($action == "delete")
if (get_user_class() < $commanage_class)
stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
$commentid = $_GET["cid"] ?? 0;
$commentid = intval($_GET["cid"] ?? 0);
$sure = $_GET["sure"];
int_check($commentid,true);
@@ -268,7 +268,7 @@ elseif ($action == "vieworiginal")
if (get_user_class() < $commanage_class)
stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
$commentid = $_GET["cid"] ?? 0;
$commentid = intval($_GET["cid"] ?? 0);
int_check($commentid,true);
if($type == "torrent")