authorcweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>2009-10-29 09:05:37 +0000
committercweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>2009-10-29 09:05:37 +0000
commit45feef9f6bdae1f2ed9c386ace5f47f012526a4a (patch)
tree241b06e377a4edda08d31b2d2569c41d780dfe72 /www
parent5b91086b54061501d8c74d3ec75e03a920d33587 (diff)
downloadsemanticscuttle-45feef9f6bdae1f2ed9c386ace5f47f012526a4a.tar.gz
semanticscuttle-45feef9f6bdae1f2ed9c386ace5f47f012526a4a.tar.bz2
fix several XSS injection problems with page variable
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@468 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'www')
-rw-r--r--www/ajax/getadminlinkedtags.php2
-rw-r--r--www/ajax/getlinkedtags.php2
-rw-r--r--www/bookmarks.php4
-rw-r--r--www/history.php2
-rw-r--r--www/index.php2
-rw-r--r--www/search.php2
-rw-r--r--www/tags.php2
-rw-r--r--www/watchlist.php2
8 files changed, 9 insertions, 9 deletions
diff --git a/www/ajax/getadminlinkedtags.php b/www/ajax/getadminlinkedtags.php
index 0a5d813..2b1c3ac 100644
--- a/www/ajax/getadminlinkedtags.php
+++ b/www/ajax/getadminlinkedtags.php
@@ -57,7 +57,7 @@ function displayTag($tag, $uId) {
{ label: 'name', identifier: 'id', items: [
<?php
-$json = displayTag(GET_TAG, GET_UID);
+$json = displayTag(GET_TAG, intval(GET_UID));
$json = substr($json, 0, -1); // remove final comma avoiding IE6 Dojo bug
echo $json;
?>
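Review bot: GET_TAG is still handed to displayTag unchanged on the `+` line, and the result is echoed as a JSON literal, so the intval on GET_UID closes only the numeric part of the injection the commit message describes; whether displayTag escapes the tag for the JSON/JS context is not visible in this hunk. If it does not, the name/id values should be built with json_encode rather than concatenated before `echo $json`. A short comment at the cast, `// GET_UID is cast to int because it is embedded in the JSON output below`, would record why the cast is there. The identical change in www/ajax/getlinkedtags.php has the same open question.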
diff --git a/www/ajax/getlinkedtags.php b/www/ajax/getlinkedtags.php
index 9415f87..621d1c4 100644
--- a/www/ajax/getlinkedtags.php
+++ b/www/ajax/getlinkedtags.php
@@ -57,7 +57,7 @@ function displayTag($tag, $uId) {
{ label: 'name', identifier: 'id', items: [
<?php
-$json = displayTag(GET_TAG, GET_UID);
+$json = displayTag(GET_TAG, intval(GET_UID));
$json = substr($json, 0, -1); // remove final comma avoiding IE6 Dojo bug
echo $json;
?>
diff --git a/www/bookmarks.php b/www/bookmarks.php
index 4a36a39..8424edb 100644
--- a/www/bookmarks.php
+++ b/www/bookmarks.php
@@ -190,7 +190,7 @@ if ($templatename == 'editbookmark.tpl') {
$tplVars['tags'] = POST_TAGS;
} else {
if(GET_COPYOF != '') { //copy from bookmarks page
- $tplVars['row'] = $bookmarkservice->getBookmark(GET_COPYOF, true);
+ $tplVars['row'] = $bookmarkservice->getBookmark(intval(GET_COPYOF), true);
if(!$currentUser->isAdmin()) {
$tplVars['row']['bPrivateNote'] = ''; //only admin can copy private note
}
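Review bot: The guard `if(GET_COPYOF != '')` still tests the raw string, so a non-numeric value passes the check but reaches getBookmark as 0 after the added intval, and the lines that follow index `$tplVars['row']['bPrivateNote']` without confirming the lookup returned a row (what getBookmark returns on a miss is not visible here). Casting once and testing the integer covers both: `$copyOf = intval(GET_COPYOF);` / `if ($copyOf > 0) { //copy from bookmarks page` / `$tplVars['row'] = $bookmarkservice->getBookmark($copyOf, true);`, followed by an `is_array($tplVars['row'])` check before bPrivateNote is cleared. The enclosing else branch continues past the end of the hunk.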
@@ -249,7 +249,7 @@ if ($templatename == 'editbookmark.tpl') {
// Pagination
$perpage = getPerPageCount($currentUser);
if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
$start = ($page - 1) * $perpage;
} else {
$page = 0;
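Review bot: intval(GET_PAGE) is now evaluated twice, once in the condition and again on the `+` line; computing it once keeps the two in step and reads more clearly: `$page = intval(GET_PAGE);` / `if ($page > 1) {` / `$start = ($page - 1) * $perpage;`, with the else branch still setting `$page = 0;`. The cast also changes $page from a string to an int, so any later use that compares it against a string or passes it to a template expecting a string should be checked; that code lies outside the hunk. The same pattern is changed identically in www/history.php, www/index.php, www/search.php, www/tags.php and www/watchlist.php, and the same remark applies to each.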
diff --git a/www/history.php b/www/history.php
index fa1c535..42688a0 100644
--- a/www/history.php
+++ b/www/history.php
@@ -48,7 +48,7 @@ if ($usecache) {
// Pagination
$perpage = getPerPageCount($currentUser);
if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
$start = ($page - 1) * $perpage;
} else {
$page = 0;
diff --git a/www/index.php b/www/index.php
index bc1b354..6d6f5cb 100644
--- a/www/index.php
+++ b/www/index.php
@@ -60,7 +60,7 @@ if ($usecache) {
// Pagination
$perpage = getPerPageCount($currentUser);
if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
$start = ($page - 1) * $perpage;
} else {
$page = 0;
diff --git a/www/search.php b/www/search.php
index 2b65b2f..9a19883 100644
--- a/www/search.php
+++ b/www/search.php
@@ -60,7 +60,7 @@ if (POST_TERMS != '') {
// Pagination
$perpage = getPerPageCount($currentUser);
if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
$start = ($page - 1) * $perpage;
} else {
$page = 0;
diff --git a/www/tags.php b/www/tags.php
index e3fd6d2..fed4510 100644
--- a/www/tags.php
+++ b/www/tags.php
@@ -73,7 +73,7 @@ array(filter($sitename .': '. $pagetitle), createURL('rss', 'all/'. filter($cat,
// Pagination
$perpage = getPerPageCount($currentUser);
if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
$start = ($page - 1) * $perpage;
} else {
$page = 0;
diff --git a/www/watchlist.php b/www/watchlist.php
index 6198781..b92fb9c 100644
--- a/www/watchlist.php
+++ b/www/watchlist.php
@@ -78,7 +78,7 @@ if ($user) {
// Pagination
$perpage = getPerPageCount($currentUser);
if (intval(GET_PAGE) > 1) {
- $page = GET_PAGE;
+ $page = intval(GET_PAGE);
$start = ($page - 1) * $perpage;
} else {
$page = 0;