From 94b7a29baa75429988ec0001c835c02ec2f7eb17 Mon Sep 17 00:00:00 2001
From: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Tue, 6 Apr 2010 15:12:02 +0000
Subject: Sanitise int on the offset.

git-svn-id: http://code.elgg.org/elgg/trunk@5634 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/elgglib.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'engine/lib')

diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 8f383904d..b9c4b0998 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -747,7 +747,7 @@ function elgg_view_entity_list($entities, $count, $offset, $limit, $fullview = t
 	
 	// do not require views to explicitly pass in the offset
 	if (!$offset = (int) $offset) {
-		$offset = get_input('offset', 0);
+		$offset = sanitise_int(get_input('offset', 0));
 	}
 
 	$context = get_context();
@@ -3003,4 +3003,4 @@ register_elgg_event_handler('init', 'system', 'elgg_init');
 register_elgg_event_handler('boot', 'system', 'elgg_boot', 1000);
 register_plugin_hook('unit_test', 'system', 'elgg_api_test');
 
-register_elgg_event_handler('init', 'system', 'add_custom_menu_items', 1000);
\ No newline at end of file
+register_elgg_event_handler('init', 'system', 'add_custom_menu_items', 1000);
-- 
cgit v1.2.3