issue60, make sure provided photo id is numeric

[phpfspot.git] / phpfspot.class.php

diff --git a/phpfspot.class.php b/phpfspot.class.php
index e500dbe41c09dd427ca872202c51a672f4ea8adb..e0a87a567e184ac83174bc222eee0745dc4ddc61 100644 (file)
--- a/phpfspot.class.php
+++ b/phpfspot.class.php
@@ -126,7 +126,7 @@ class PHPFSPOT {
                $_SESSION['selected_tags'] = $this->extractTags($_GET['tags']);
                $_SESSION['start_action'] = 'showp';
             }
-            if(isset($_GET['id'])) {
+            if(isset($_GET['id']) && is_numeric($_GET['id'])) {
                $_SESSION['current_photo'] = $_GET['id'];
                $_SESSION['start_action'] = 'showp';
             }