james/fembooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add a extra escape, fixes #718

Browse Source
This commit is contained in:
Shish 2020-04-20 09:53:44 +01:00
parent c146a9f53d
commit 78710166a1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ext/image/main.php
View File

@ -59,7 +59,7 @@ class ImageIO extends Extension
} elseif ($event->page_matches("image/replace")) {
global $page, $user;
if ($user->can(Permissions::REPLACE_IMAGE) && isset($_POST['image_id']) && $user->check_auth_token()) {
$image = Image::by_id($_POST['image_id']);
$image = Image::by_id(int_escape($_POST['image_id']));
if ($image) {
$page->set_mode(PageMode::REDIRECT);
$page->set_redirect(make_link('upload/replace/'.$image->id));