diff options
author | Chad Little <clittle@users.sourceforge.net> | 2005-10-25 02:47:30 +0000 |
---|---|---|
committer | Chad Little <clittle@users.sourceforge.net> | 2005-10-25 02:47:30 +0000 |
commit | 53fa3d375b759ed123eddf47f77e2ec3fda3d81d (patch) | |
tree | 43ed180e444a65c113c9668ffe7c83da2111ae29 | |
parent | 049582a9710368ecf24321e2c1e821115aff13c0 (diff) | |
download | phpicalendar-53fa3d375b759ed123eddf47f77e2ec3fda3d81d.tar.gz phpicalendar-53fa3d375b759ed123eddf47f77e2ec3fda3d81d.tar.bz2 phpicalendar-53fa3d375b759ed123eddf47f77e2ec3fda3d81d.zip |
Cookie vulnerability fixed.
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | index.php | 7 |
2 files changed, 8 insertions, 1 deletions
@@ -82,11 +82,13 @@ COPYING for more information about our license. Changes: -------- 2.1 + -Updated languages: Finnish -RSS feeds display as previously indended. -Updated languages: Finnish, Norwegian, French -Todo popup respects CHARSET -Allows multiple calendar selection. -Search box can be made to go away. + -Cookie vulnerbility fixed (credit: aScii) -Fix for occasionally broken popups. -Various bug fixes. @@ -10,7 +10,12 @@ if ($printview_default == 'yes') { $printview = $default_view; $default_view = "print.php"; } else { - $default_view = "$default_view" . ".php"; + $check = array ('day', 'week', 'month'); + if (in_array($default_view, $check)) { + $default_view = $default_view . '.php'; + } else { + die; + } } /*header("Location: $default_view");*/ |