api/getArticle: validate id list

This commit is contained in:
Andrew Dolgov 2011-11-07 10:18:24 +04:00
parent edfab7bd7f
commit 823da71a10

View file

@ -274,7 +274,7 @@
case "getArticle":
$article_id = db_escape_string($_REQUEST["article_id"]);
$article_id = join(",", array_filter(explode(",", db_escape_string($_REQUEST["article_id"])), is_numeric));
$query = "SELECT id,title,link,content,feed_id,comments,int_id,
marked,unread,published,