Diffstat (limited to 'showvotes.cgi')
-rwxr-xr-xshowvotes.cgi6
1 files changed, 4 insertions, 2 deletions
diff --git a/showvotes.cgi b/showvotes.cgi
index a6928bf84..6ed4bb8e4 100755
--- a/showvotes.cgi
+++ b/showvotes.cgi
@@ -1,4 +1,4 @@
-#!/usr/bonsaitools/bin/perl -w
+#!/usr/bonsaitools/bin/perl -wT
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
@@ -25,6 +25,8 @@
use diagnostics;
use strict;
+use lib qw(.);
+
require "CGI.pl";
ConnectToDatabase();
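Review bot: The added `use lib qw(.);` has no comment saying why it is needed, and it puts a working-directory-relative entry back into `@INC`, which is what `-T` on the new shebang takes out. Presumably it is there so that `require "CGI.pl"` keeps resolving under taint mode; I would state that in place, e.g. `# -T drops "." from @INC; restore it so require "CGI.pl" resolves`. Module lookup then depends on the directory the web server starts the script in, so an absolute install path would be the more robust choice if this deployment has one.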
@@ -61,7 +63,7 @@ if (defined $::FORM{'voteon'}) {
# Make sure the user ID is a positive integer representing an existing user.
if (defined $::FORM{'user'}) {
- $::FORM{'user'} =~ /^([1-9][0-9]*)$/
+ detaint_natural($::FORM{'user'})
|| DisplayError("The user number is invalid.")
&& exit;
SendSQL("SELECT 1 FROM profiles WHERE userid = $::FORM{'user'}");
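Review bot: The guard around `detaint_natural($::FORM{'user'})` still parses as `A || (B && exit)`, so `exit` runs only when `DisplayError` returns a true value. Its return value is not visible here; if it is false, the script continues to the `SendSQL` line with an unvalidated `user` interpolated into the query. An explicit form removes that dependency: `detaint_natural($::FORM{'user'}) or do { DisplayError("The user number is invalid."); exit; };`. The comment above still says "positive integer", and the removed regex rejected `0` and leading zeros; `detaint_natural` is defined outside this diff, so confirm it is not looser or adjust the comment. The `if` block continues past the end of the hunk.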