Diffstat (limited to 'phpBB/viewtopic.php')
| -rw-r--r-- | phpBB/viewtopic.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php
index f1b13702ed..7e3539d469 100644
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@@ -37,8 +37,8 @@ $start = (isset($_GET['start'])) ? max(intval($_GET['start']), 0) : 0;
 // if someone wishes to screw their view up by entering unknown data
 // good luck to them :D
 $sort_days = (!empty($_REQUEST['st'])) ? max(intval($_REQUEST['st']), 0) : 0;
-$sort_key = (!empty($_REQUEST['sk'])) ? $_REQUEST['sk'] : 't';
-$sort_dir = (!empty($_REQUEST['sd'])) ? $_REQUEST['sd'] : 'a';
+$sort_key = (!empty($_REQUEST['sk'])) ? htmlspecialchars($_REQUEST['sk']) : 't';
+$sort_dir = (!empty($_REQUEST['sd'])) ? htmlspecialchars($_REQUEST['sd']) : 'a';
 // Do we have a topic or post id?
|
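Review bot: The two added lines escape `sk` and `sd` for HTML at the point they are read, but they still accept any string, so whether the values are safe depends on every later use, none of which is visible in this hunk. `htmlspecialchars()` called with its default flags leaves single quotes untouched on PHP versions before 8.1, and it does nothing for a non-HTML context such as an SQL `ORDER BY` clause, if these variables reach one. Both parameters look like short selectors (defaults `'t'` and `'a'`), so an allow-list check is the stronger fix, e.g. `$sort_dir = (isset($_REQUEST['sd']) && in_array($_REQUEST['sd'], $valid_sort_dirs, true)) ? $_REQUEST['sd'] : 'a';`, where `$valid_sort_dirs` is a placeholder for the directions the page actually supports. That check also rejects an array value such as `sd[]=x`, which `htmlspecialchars()` is not written to handle.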
