From d5342aabcfeddb959cc286befe6de5bf35fe9d76 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Sun, 25 Nov 2007 14:45:38 -0500
Subject: [PATCH] More input sanitizing

---
 program/steps/mail/rss.inc |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/program/steps/mail/rss.inc b/program/steps/mail/rss.inc
index 49d5c0e..0d7d3c4 100644
--- a/program/steps/mail/rss.inc
+++ b/program/steps/mail/rss.inc
@@ -79,7 +79,7 @@
 
 // Check if the user wants to override the default sortingmethode
 if (isset($_GET['_sort']))
-  list($sort_col, $sort_order) = explode('_', $_GET['_sort']);
+  list($sort_col, $sort_order) = explode('_', get_input_value('_sort', RCUBE_INPUT_GET));
 
 // Add message to output
 if ($messagecount > 0)

--
Gitblit v1.9.1