diff options
Diffstat (limited to 'program/steps/settings')
-rw-r--r-- | program/steps/settings/edit_identity.inc | 3 | ||||
-rw-r--r-- | program/steps/settings/save_identity.inc | 4 |
2 files changed, 3 insertions, 4 deletions
diff --git a/program/steps/settings/edit_identity.inc b/program/steps/settings/edit_identity.inc index 07cd8fa02..316eec785 100644 --- a/program/steps/settings/edit_identity.inc +++ b/program/steps/settings/edit_identity.inc @@ -21,12 +21,11 @@ if (($_GET['_iid'] || $_POST['_iid']) && $_action=='edit-identity') { - $id = $_POST['_iid'] ? $_POST['_iid'] : $_GET['_iid']; $DB->query("SELECT * FROM ".get_table_name('identities')." WHERE identity_id=? AND user_id=? AND del<>1", - $id, + get_input_value('_iid', RCUBE_INPUT_GPC), $_SESSION['user_id']); $IDENTITY_RECORD = $DB->fetch_assoc(); diff --git a/program/steps/settings/save_identity.inc b/program/steps/settings/save_identity.inc index 9df6c61cb..2d64dc7b3 100644 --- a/program/steps/settings/save_identity.inc +++ b/program/steps/settings/save_identity.inc @@ -55,7 +55,7 @@ if ($_POST['_iid']) WHERE identity_id=? AND user_id=? AND del<>1", - $_POST['_iid'], + get_input_value('_iid', RCUBE_INPUT_POST), $_SESSION['user_id']); $updated = $DB->affected_rows(); @@ -72,7 +72,7 @@ if ($_POST['_iid']) AND identity_id<>? AND del<>1", $_SESSION['user_id'], - $_POST['_iid']); + get_input_value('_iid', RCUBE_INPUT_POST)); if ($_POST['_framed']) { |