From b3ce7915610a6d272cc38ecd2a8b61e04ee4aeae Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Fri, 16 Feb 2007 14:35:03 -0500
Subject: [PATCH] Better input checking on GET and POST vars

---
 program/steps/mail/list.inc |    4 +---
 1 files changed, 1 insertions(+), 3 deletions(-)

diff --git a/program/steps/mail/list.inc b/program/steps/mail/list.inc
index 9e3b38d..6e06374 100644
--- a/program/steps/mail/list.inc
+++ b/program/steps/mail/list.inc
@@ -22,10 +22,8 @@
 $REMOTE_REQUEST = TRUE;
 $OUTPUT_TYPE = 'js';
 
-$sort = isset($_GET['_sort']) ? $_GET['_sort'] : false;
-
 // is there a sort type for this request?
-if ($sort)
+if ($sort = get_input_value('_sort', RCUBE_INPUT_GET))
   {
   // yes, so set the sort vars
   list($sort_col, $sort_order) = explode('_', $sort);

--
Gitblit v1.9.1