From: skodak <skodak>
Date: Tue, 23 May 2006 09:02:13 +0000 (+0000)
Subject: extra cleaning of variables; merged from MOODLE_16_STABLE
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=57f2e16c8d8dae8ed7bfce37fdc8e4014abad315;p=moodle.git

extra cleaning of variables; merged from MOODLE_16_STABLE
---

diff --git a/user/tabs.php b/user/tabs.php
index 85dd670723..a67986f34e 100644
--- a/user/tabs.php
+++ b/user/tabs.php
@@ -9,6 +9,10 @@
         $filterselect = '';
     }
 
+    //make sure everything is cleaned properly
+    $filtertype   = clean_param($filtertype, PARAM_ALPHA);
+    $filterselect = clean_param($filterselect, PARAM_INT);
+
     if (empty($currenttab) or empty($user) or empty($course)) {
         //error('You cannot call this script in that way');
     }