Diffstat (limited to 'showattachment.cgi')
-rwxr-xr-xshowattachment.cgi6
1 files changed, 4 insertions, 2 deletions
diff --git a/showattachment.cgi b/showattachment.cgi
index 78143c550..70f5c6d66 100755
--- a/showattachment.cgi
+++ b/showattachment.cgi
@@ -1,4 +1,4 @@
-#!/usr/bonsaitools/bin/perl -w
+#!/usr/bonsaitools/bin/perl -wT
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
@@ -24,6 +24,8 @@
use diagnostics;
use strict;
+use lib qw(.);
+
require "CGI.pl";
if (!defined $::FORM{'attach_id'}) {
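Review bot: The added `use lib qw(.);` carries no comment saying why it is there, so a later cleanup could drop it as redundant. With the `-T` switch this commit adds to the shebang, Perl leaves the current directory out of `@INC`, and `require "CGI.pl"` would no longer resolve without this line; I would put `# Taint mode (-T) removes "." from @INC; restore it so CGI.pl can be loaded.` above it. Because `.` is resolved against the process working directory, this presumably relies on the web server starting the script from the installation directory, and an absolute library path would remove that dependency. The `if (!defined ...)` block that begins on the last line continues outside the hunk.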
@@ -43,7 +45,7 @@ ConnectToDatabase();
quietly_check_login();
-if ($::FORM{attach_id} !~ /^[1-9][0-9]*$/) {
+if (!detaint_natural($::FORM{attach_id})) {
DisplayError("Attachment ID should be numeric.");
exit;
}
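Review bot: The set of accepted IDs may change at `detaint_natural($::FORM{attach_id})`: the removed pattern `/^[1-9][0-9]*$/` rejected `0` and values with leading zeros, while `detaint_natural` is defined outside this page, so what it accepts cannot be confirmed here. If it admits any digit string, check that the attachment lookup further down treats an ID of 0 as "not found" rather than as a special case. The call also appears to untaint the form value in place, which code running under `-T` will depend on; a comment such as `# detaint_natural() validates attach_id and untaints it in place` would make that side effect visible to the next reader.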