perdedora/leftypol
1
0
Fork 0
forked from leftypol/leftypol
Code Pull requests Activity

pages.php: better input validation in recent_posts page

Browse source
This commit is contained in:
Zankaria 2025-04-14 17:48:05 +02:00
parent 8ee3f4c81d
commit 2e1cb7995f
1 changed files with 14 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

16
inc/mod/pages.php
View file

@ -3015,8 +3015,20 @@ function mod_recent_posts(Context $ctx, $lim, $board_list = false, $json = false
if (!hasPermission($config['mod']['recent']))
error($config['error']['noaccess']);
$limit = (is_numeric($lim))? $lim : 25;
$last_time = (isset($_GET['last']) && is_numeric($_GET['last'])) ? $_GET['last'] : 0;
$limit = 25;
if (\is_numeric($lim)) {
$lim = \intval($lim);
if ($lim > 0 && $lim < 1000) {
$limit = $lim;
}
}
$last_time = 0;
if (isset($_GET['last']) && \is_numeric($_GET['last'])) {
$last = \intval($_GET['last']);
if ($last > 0) {
$last_time = $last;
}
}
$mod_boards = [];
$boards = listBoards();