Commit a94d17ab authored by Leigh B. Stoller's avatar Leigh B. Stoller

Reg check the argument before sending to mysql. Sheesh!

parent e4ecd643
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");
......@@ -19,6 +19,9 @@ if (!isset($idx) ||
strcmp($idx, "") == 0) {
USERERROR("You must provide an ID.", 1);
}
if (!preg_match("/^\d+$/", $idx)) {
PAGEARGERROR("Invalid ID argument.");
}
#
# Get the thumb from the DB.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment