[TYPO3-mvc] own widget.paginate and f.widget.paginate throws error
Peter Niederlag
typo3-list at niekom.de
Tue Jun 21 12:03:34 CEST 2011
Hello,
Am 17.06.2011 14:25, schrieb Johannes C. Schulz - EnzephaloN IT-Solutions:
[...]
>
> $storage = t3lib_div::_GP('id');
Did you see that big sign above your workdesk "All Input from userland
is evil!!!"?
Please make sure to test/clean all properties from GET/POST before
passing them along!
Here a simple cast to int would make things a lot safer =
(int)t3lib_div::_GP('id'); be prepared this will give you a '0' on an
empty string though!
Greets,
Peter
--
Peter Niederlag
http://www.niekom.de * TYPO3 & EDV Dienstleistungen *
More information about the TYPO3-project-typo3v4mvc
mailing list