Skip to content

Commit

Permalink
author.php: Validate input and results
Browse files Browse the repository at this point in the history
  • Loading branch information
@bpfoley
bpfoley committed Mar 12, 2024
1 parent 609b8ff commit d68bd2c
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion tools/authors/author.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,16 @@

require_login();

$author_id = get_integer_param($_GET, 'author_id', null, null, null, true);
$author_id = get_integer_param($_GET, 'author_id', null, null, null, false);

$sql = sprintf("SELECT * FROM authors WHERE author_id=%d", $author_id);
$result = DPDatabase::query($sql);
$row = mysqli_fetch_assoc($result);
if (!$row) {
output_header('');
echo "<p class='error'>", sprintf(_('Author id %d not found'), $author_id), "</p>\n";
exit;
}
$last_name = $row["last_name"];
$other_names = $row["other_names"];
$birth = format_date_from_sqlset($row, 'b');
Expand Down

0 comments on commit d68bd2c

Please sign in to comment.