diff options
author | Andrew Dolgov <[email protected]> | 2006-05-16 12:48:07 +0100 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2006-05-16 12:48:07 +0100 |
commit | 12fb24b921779038ec09b0fb2b31c94380a0aeaa (patch) | |
tree | 82c16596ba7007a74c9497fe7598beb5f9297ee4 /backend.php | |
parent | 7fb323413a78430da6d1681f0d58492464bcfbb8 (diff) |
fix security issue in view
Diffstat (limited to 'backend.php')
-rw-r--r-- | backend.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/backend.php b/backend.php index 914a04ba6..51551314e 100644 --- a/backend.php +++ b/backend.php @@ -520,7 +520,7 @@ num_comments, author FROM ttrss_entries,ttrss_user_entries - WHERE id = '$id' AND ref_id = id"); + WHERE id = '$id' AND ref_id = id AND owner_uid = " . $_SESSION["uid"]); print "<html><head> <title>Tiny Tiny RSS : Article $id</title> |