Improved entropy for report file urls.

[fa-stable.git] / admin / create_coy.php

diff --git a/admin/create_coy.php b/admin/create_coy.php
index 128da260f70bc4df96bd2cf6b1e9e47a73264f8c..999f376c8fb93e80d5c6e77629ed2a59d36abda0 100644 (file)
--- a/admin/create_coy.php
+++ b/admin/create_coy.php
@@ -25,11 +25,11 @@ $comp_subdirs = array('images', 'pdf_files', 'backup','js_cache', 'reporting', '
 //---------------------------------------------------------------------------------------------
 if (isset($_GET['selected_id']))
 {
-       $selected_id = $_GET['selected_id'];
+       $selected_id = (int)$_GET['selected_id'];
 }
 elseif (isset($_POST['selected_id']))
 {
-       $selected_id = $_POST['selected_id'];
+       $selected_id = (int)$_POST['selected_id'];
 }
 else
        $selected_id = -1;
@@ -172,7 +172,7 @@ function handle_delete()
 {
        global $def_coy, $db_connections, $comp_subdirs, $path_to_root;
 
-       $id = $_GET['id'];
+       $id = (int)$_GET['id'];
 
        // First make sure all company directories from the one under removal are writable. 
        // Without this after operation we end up with changed per-company owners!
@@ -241,7 +241,7 @@ function display_companies()
        $coyno = $_SESSION["wa_current_user"]->company;
 
        echo "
-               <script language='javascript'>
+               <script type='text/javascript'>
                function deleteCompany(id, name) {
                        if (!confirm('" . _("Are you sure you want to delete company no. ") . "'+id+' '+name+'?'))
                                return