diff options
| author | INOPIAE <inopiae@cacert.org> | 2014-06-11 08:19:05 +0200 |
|---|---|---|
| committer | Benny Baumann <BenBE@geshi.org> | 2014-12-02 22:51:54 +0100 |
| commit | a36105cee86ba70d66829b1aa559a2681711af80 (patch) | |
| tree | 1d440757d382ee75b5573e51735957a7fa68387c | |
| parent | c1720a3bb6dd07af2cf4b359bd85d0ad614c6bab (diff) | |
| download | cacert-devel-a36105cee86ba70d66829b1aa559a2681711af80.tar.gz cacert-devel-a36105cee86ba70d66829b1aa559a2681711af80.tar.xz cacert-devel-a36105cee86ba70d66829b1aa559a2681711af80.zip | |
bug 1282: changed the check routine for ID
| -rw-r--r-- | pages/account/49.php | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/pages/account/49.php b/pages/account/49.php index 1de9952..9802917 100644 --- a/pages/account/49.php +++ b/pages/account/49.php @@ -19,14 +19,16 @@ $userid=0; if(array_key_exists('userid',$_GET)) $userid=intval($_GET['userid']); if($userid <= 0) { - $domainsearch = $domain = mysql_escape_string(stripslashes($_POST['domain'])); - if(!strstr($domain, "%")) + $domainsearch = $domain = mysql_real_escape_string(trim(stripslashes($_POST['domain']))); + if(!strstr($domain, "%")) { $domainsearch = "%$domain%"; - if(preg_match("/^\d+$/",$domain)) - $domainsearch = ""; + } + //check if request is id if not set search ID to -1 - $domainid = intval($domain); - if($domain !== $domainid){ + if(preg_match('/^#(\d+)$/', $domain, $match)) { + $domainsearch = ""; + $domainid = intval($match[1]); + } else { $domainid = -1; } |