harmacist/vichan
1
0
Fork 0
forked from GithubBackups/vichan
Code Pull Requests Activity

Merge pull request #925 from Zankaria/recent-posts-validation

Browse Source 
pages.php: better input validation in recent_posts page
This commit is contained in:
Lorenzo Yario 2025-04-18 10:36:38 -07:00 committed by GitHub
commit 578a16c513
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
inc/mod/pages.php
View File

@ -2668,8 +2668,20 @@ function mod_recent_posts(Context $ctx, $lim) {
if (!hasPermission($config['mod']['recent']))
error($config['error']['noaccess']);
$limit = (is_numeric($lim))? $lim : 25;
$last_time = (isset($_GET['last']) && is_numeric($_GET['last'])) ? $_GET['last'] : 0;
$limit = 25;
if (\is_numeric($lim)) {
$lim = \intval($lim);
if ($lim > 0 && $lim < 1000) {
$limit = $lim;
}
}
$last_time = 0;
if (isset($_GET['last']) && \is_numeric($_GET['last'])) {
$last = \intval($_GET['last']);
if ($last > 0) {
$last_time = $last;
}
}
$mod_boards = [];
$boards = listBoards();