mirror of
https://github.com/silverstripe/silverstripe-reports
synced 2024-10-22 11:05:53 +02:00
simon_w: #2122 - Bug in PageComments class (Security)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@47930 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
033f55f5c1
commit
2259c8f6d9
@ -182,8 +182,9 @@ class PageComment extends DataObject {
|
||||
$this->Parent()->Title
|
||||
);
|
||||
}
|
||||
|
||||
function rss() {
|
||||
$parentcheck = isset($_REQUEST['pageid']) ? "ParentID = {$_REQUEST['pageid']}" : "ParentID > 0";
|
||||
$parentcheck = isset($_REQUEST['pageid']) ? "ParentID = " . (int) $_REQUEST['pageid'] : "ParentID > 0";
|
||||
$comments = DataObject::get("PageComment", "$parentcheck AND IsSpam=0", "Created DESC", "", 10);
|
||||
if(!isset($comments)) {
|
||||
$comments = new DataObjectSet();
|
||||
|
Loading…
Reference in New Issue
Block a user