From: Davide Franco Date: Wed, 20 Jul 2011 16:59:30 +0000 (+0200) Subject: bacula-web: Replaced all $_POST by safe values in bweb class X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=3089aead874d2f907994b091b2dc019f34ee0d00;p=bacula%2Fbacula bacula-web: Replaced all $_POST by safe values in bweb class --- diff --git a/gui/bacula-web/includes/bweb.inc.php b/gui/bacula-web/includes/bweb.inc.php index 43b3efd686..ea45ce3d33 100644 --- a/gui/bacula-web/includes/bweb.inc.php +++ b/gui/bacula-web/includes/bweb.inc.php @@ -41,8 +41,9 @@ class Bweb $this->init_gettext(); // Check catalog id - if( isset($_POST['catalog_id']) ) { - $this->catalog_current_id = $_POST['catalog_id']; + $http_post = CHttp::getRequestVars($_POST); + if( isset( $http_post['catalog_id'] ) ) { + $this->catalog_current_id = $http_post['catalog_id']; $_SESSION['catalog_id'] = $this->catalog_current_id; } elseif( isset( $_SESSION['catalog_id'] ) )