From d4373420df9dbfbe0a657bc06a1fa8faba65a0e2 Mon Sep 17 00:00:00 2001
From: gmc
Date: Tue, 30 Nov 2010 20:50:02 +0000
Subject: [PATCH] protect some of the supercat browse interfaces from unboundedness E.g., browsing from a call number that contains forward slashes, e.g., "02/05/2004"
Signed-off-by: Galen Charlton
git-svn-id: svn://svn.open-ils.org/ILS/branches/rel_1_6@18886 dcc99617-32d9-48b4-a31d-7c20da2025e4
---
 Open-ILS/src/perlmods/OpenILS/WWW/SuperCat.pm | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/Open-ILS/src/perlmods/OpenILS/WWW/SuperCat.pm b/Open-ILS/src/perlmods/OpenILS/WWW/SuperCat.pm
index 89d1ad7f32..89f4567947 100644
--- a/Open-ILS/src/perlmods/OpenILS/WWW/SuperCat.pm
+++ b/Open-ILS/src/perlmods/OpenILS/WWW/SuperCat.pm
@@ -876,6 +876,7 @@ sub changes_feed {
 my ($type,$rtype,$axis,$limit,$date) = split '/', $path;
 my $flesh_feed = ($type =~ /-full$/o) ? 1 : 0;
 $limit ||= 10;
+ $limit = 10 if $limit !~ /^\d+$/;
 my $list = $supercat->request("open-ils.supercat.$rtype.record.$axis.recent", $date, $limit)->gather(1);
@@ -1327,6 +1328,7 @@ sub string_browse {
 $page_size ||= $cgi->param('count') || 9;
 $page = 0 if ($page !~ /^-?\d+$/);
+ $page_size = 9 if $page_size !~ /^\d+$/;
 my $prev = join('/', $base,$format,$axis,$site,$string,$page - 1,$page_size);
 my $next = join('/', $base,$format,$axis,$site,$string,$page + 1,$page_size);
@@ -1393,6 +1395,7 @@ sub item_age_browse {
 $page_size ||= $cgi->param('count') || 10;
 $page = 1 if ($page !~ /^-?\d+$/ || $page < 1);
+ $page_size = 10 if $page_size !~ /^\d+$/;
 my $prev = join('/', $base,$format,$axis,$site,$page - 1,$page_size);
 my $next = join('/', $base,$format,$axis,$site,$page + 1,$page_size);
--
2.11.0
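Review bot: The guard added in changes_feed, `$limit = 10 if $limit !~ /^\d+$/;`, rejects non-numeric values but sets no ceiling, so any all-digit path segment (for instance the `2004` of a value like the `02/05/2004` cited in the commit message, if it lands in that position) is still passed as the limit of the `open-ils.supercat.$rtype.record.$axis.recent` request. The `$page_size` checks added in string_browse and item_age_browse have the same gap. In addition, `$` also matches before a trailing newline and `\d` is not restricted to ASCII digits on character strings, so the pattern accepts more than it appears to. A tighter form would be `$limit = 10 if $limit !~ /\A[0-9]+\z/ || $limit > $MAX_LIMIT;`, where `$MAX_LIMIT` is a placeholder for a cap the project chooses. The body of changes_feed continues outside the hunk.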
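Review bot: The fallback `9` is now written twice in string_browse, once in `|| 9` on the context line and once in the added `$page_size = 9 if ...`, and nothing on the new line says why a non-numeric value can reach it; item_age_browse repeats the pattern with `10`. A comment on the added line such as `# a '/' inside the browse string shifts the path segments, so the count may be non-numeric; fall back to the default` would record the reason given in the commit message. Holding the default in one named variable per function would keep the two literals from drifting apart. The function body starts and ends outside the hunk.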