From 89c3ffd2259469383921c2f75a31d5bb76cf73e6 Mon Sep 17 00:00:00 2001
From: Brion Vibber
Date: Thu, 14 Oct 2004 08:38:06 +0000
Subject: [PATCH] Validate input
---
 includes/Skin.php | 4 ++--
 includes/SkinPHPTal.php | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/includes/Skin.php b/includes/Skin.php
index 1464d9b37d..528e5c3c19 100644
--- a/includes/Skin.php
+++ b/includes/Skin.php
@@ -299,11 +299,11 @@ class Skin {
 (!$wgTitle->isProtected() || $wgUser->isSysop()) ) {
 $t = wfMsg( 'editthispage' );
 $oid = $red = '';
- if ( !empty($redirect) ) {
+ if ( !empty($redirect) && $redirect == 'no' ) {
 $red = "&redirect={$redirect}";
 }
 if ( !empty($oldid) && ! isset( $diff ) ) {
- $oid = "&oldid={$oldid}";
+ $oid = "&oldid=" . IntVal( $oldid );
 }
 $s = $wgTitle->getFullURL( "action=edit{$oid}{$red}" );
 $s = 'document.location = "' .$s .'";';
diff --git a/includes/SkinPHPTal.php b/includes/SkinPHPTal.php
index b5e6369771..f6cc7b94dc 100644
--- a/includes/SkinPHPTal.php
+++ b/includes/SkinPHPTal.php
@@ -435,7 +435,7 @@ class SkinPHPTal extends Skin {
 }
 if ( $wgTitle->userCanEdit() ) {
- $oid = ( $oldid && ! isset( $diff ) ) ? '&oldid='.$oldid : false;
+ $oid = ( $oldid && ! isset( $diff ) ) ? '&oldid='.IntVal( $oldid ) : false;
 $istalk = ( Namespace::isTalk( $wgTitle->getNamespace()) );
 $istalkclass = $istalk?' istalk':'';
 $content_actions['edit'] = array(
@@ -451,7 +451,7 @@ class SkinPHPTal extends Skin {
 );
 }
 } else {
- $oid = ( $oldid && ! isset( $diff ) ) ? '&oldid='.$oldid : '';
+ $oid = ( $oldid && ! isset( $diff ) ) ? '&oldid='.IntVal( $oldid ) : '';
 $content_actions['viewsource'] = array('class' => ($action == 'edit') ? 'selected' : false, 'text' => wfMsg('viewsource'), 'href' => $this->makeUrl($this->thispage, 'action=edit'.$oid));
--
2.20.1
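Review bot: In the includes/Skin.php hunk, the new guard `$redirect == 'no'` is a loose comparison, and the unchanged line after it still interpolates the variable into the query string with `"&redirect={$redirect}"`. The emitted value therefore depends on PHP's comparison rules rather than on a fixed string. Since `no` is the only accepted value, I would write `if ( $redirect === 'no' ) {` and `$red = '&redirect=no';`, so it is plain that none of the variable's content reaches the `document.location` script string built a few lines below. Where `$redirect` is populated is outside the hunk (presumably from the request), and the enclosing method starts and ends outside it as well.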
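Review bot: In the first includes/SkinPHPTal.php hunk, a non-numeric `$oldid` still passes the truthiness test and `IntVal()` then turns it into 0, so the edit link is emitted with `&oldid=0` rather than with no `oldid` parameter. The same pattern is in the second SkinPHPTal.php hunk (the `viewsource` branch) and behind the `!empty($oldid)` test in the Skin.php hunk. Converting once and testing the converted value avoids it: `$oldidInt = IntVal( $oldid );` followed by `$oid = ( $oldidInt > 0 && ! isset( $diff ) ) ? '&oldid=' . $oldidInt : false;`. How revision id 0 is treated by the edit action is not visible here, and the enclosing methods start and end outside these hunks.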