[italy-tech] Fwd: [imc-sf-active] patch mailable.inc
pinna at autistici.org
pinna at autistici.org
Sun Apr 23 08:50:23 PDT 2006
----- Forwarded message from bart at indymedia.org -----
Date: Fri, 21 Apr 2006 22:19:06 +0200
From: Pseudo Punk <bart at indymedia.org>
Reply-To: Pseudo Punk <bart at indymedia.org>
Subject: [imc-sf-active] patch mailable.inc
To: imc-sf-active at indymedia.org
Hey,
mail.php doesn't seem to check if there's a valid id set. so you can
basically send blanco e-mails with the form.
to avoid add, use the patch attached.
i've patched stray & ahimsa.
Bart
----- End forwarded message -----
-------------- next part --------------
8a9,12
> if(!is_numeric($_GET['id']) || !isset($_GET['id'])){
> header('Location: index.php');
> exit;
> }
46a51
> if(!is_numeric($article->article['id'])){ header('Location: index.php'); exit; }
171a177
> if(!is_numeric($article->article['id'])){ header('Location: index.php'); exit; }
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.indymedia.org/pipermail/italy-tech/attachments/20060423/8c3716c7/attachment.pgp
-------------- next part --------------
_______________________________________________
imc-sf-active :: http://sfactive.indymedia.org/
http://lists.indymedia.org/mailman/listinfo/imc-sf-active
More information about the italy-tech
mailing list