fix XSS vulnerability

git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@460 b3834d28-1941-0410-a4f8-b48e95affb8f
This commit is contained in:
cweiske 2009-10-28 22:29:08 +00:00
parent 066085535d
commit 55554bc0f1

View file

@ -49,7 +49,7 @@ function getSortOrder($override = NULL) {
global $defaultOrderBy;
if (isset($_GET['sort'])) {
return $_GET['sort'];
return preg_replace('/[^a-z]/', '', $_GET['sort']);
} else if (isset($override)) {
return $override;
} else {