Controller auth / CSRF fixes

This commit is contained in:
Andy Staudacher
2009-09-15 22:51:49 -07:00
parent 7ba93e2645
commit 7608870537
5 changed files with 41 additions and 11 deletions

View File

@@ -21,13 +21,13 @@ class Rss_Controller extends Controller {
public static $page_size = 20;
public function feed($module_id, $feed_id, $id=null) {
$page = $this->input->get("page", 1);
$page = (int) $this->input->get("page", 1);
if ($page < 1) {
url::redirect(url::merge(array("page" => 1)));
}
// Configurable page size between 1 and 100, default 20
$page_size = max(1, min(100, $this->input->get("page_size", self::$page_size)));
$page_size = max(1, min(100, (int) $this->input->get("page_size", self::$page_size)));
// Run the appropriate feed callback
if (module::is_active($module_id)) {