authorthomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>2007-11-25 19:45:38 +0000
committerthomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>2007-11-25 19:45:38 +0000
commit902ec1456d958887bdc7ee4e1b5877a3c72db5b7 (patch)
treec07c0ebddbbf3e573ace129256806f15fe99c11f /roundcubemail/program/steps
parent916676eafd05379db18614e3c0431fdbd422feb2 (diff)
More input sanitizing
git-svn-id: https://svn.roundcube.net/trunk@931 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/program/steps')
-rw-r--r--roundcubemail/program/steps/mail/func.inc4
-rw-r--r--roundcubemail/program/steps/mail/rss.inc2
2 files changed, 3 insertions, 3 deletions
diff --git a/roundcubemail/program/steps/mail/func.inc b/roundcubemail/program/steps/mail/func.inc
index 95deaa4b9..dd3801672 100644
--- a/roundcubemail/program/steps/mail/func.inc
+++ b/roundcubemail/program/steps/mail/func.inc
@@ -1191,7 +1191,7 @@ function rcmail_message_part_controls()
{
global $CONFIG, $IMAP, $MESSAGE;
- $part = get_input_value('_part', RCUBE_INPUT_GPC);
+ $part = asciiwords(get_input_value('_part', RCUBE_INPUT_GPC));
if (!is_array($MESSAGE) || !is_array($MESSAGE['parts']) || !($_GET['_uid'] && $_GET['_part']) || !$MESSAGE['parts'][$part])
return '';
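Review bot: The guard in rcmail_message_part_controls() still tests the raw `$_GET['_part']`, while `$part` is now the filtered value read through `RCUBE_INPUT_GPC`, so presence is checked on one value and the array lookup uses another. Testing the filtered value keeps the two in step, e.g. `!($_GET['_uid'] && strlen($part))` in place of `!($_GET['_uid'] && $_GET['_part'])`. `asciiwords()` is not defined in this diff; it is worth confirming that it preserves the dots of nested part ids such as `1.2`, since a key that loses them would select a different entry of `$MESSAGE['parts']` than the one requested. The function body continues beyond the hunk.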
@@ -1225,7 +1225,7 @@ function rcmail_message_part_frame($attrib)
{
global $MESSAGE;
- $part = $MESSAGE['parts'][get_input_value('_part', RCUBE_INPUT_GPC)];
+ $part = $MESSAGE['parts'][asciiwords(get_input_value('_part', RCUBE_INPUT_GPC))];
$ctype_primary = strtolower($part->ctype_primary);
$attrib['src'] = Q('./?'.str_replace('_frame=', ($ctype_primary=='text' ? '_show=' : '_preload='), $_SERVER['QUERY_STRING']));
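Review bot: `$part` is dereferenced on the following line (`$part->ctype_primary`) without checking that the filtered `_part` key exists in `$MESSAGE['parts']`, unlike rcmail_message_part_controls() in the previous hunk, which returns early when `$MESSAGE` or the part is missing. A request with an unknown or empty `_part` therefore reads a property of a non-object here. A guard such as `if (!is_array($MESSAGE) || !is_object($part)) return '';` before the `strtolower()` call would match the sibling function. The right fallback return value depends on the rest of rcmail_message_part_frame(), which lies outside the hunk.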
diff --git a/roundcubemail/program/steps/mail/rss.inc b/roundcubemail/program/steps/mail/rss.inc
index 49d5c0efc..0d7d3c463 100644
--- a/roundcubemail/program/steps/mail/rss.inc
+++ b/roundcubemail/program/steps/mail/rss.inc
@@ -79,7 +79,7 @@ echo '
// Check if the user wants to override the default sortingmethode
if (isset($_GET['_sort']))
- list($sort_col, $sort_order) = explode('_', $_GET['_sort']);
+ list($sort_col, $sort_order) = explode('_', get_input_value('_sort', RCUBE_INPUT_GET));
// Add message to output
if ($messagecount > 0)
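Review bot: Reading `_sort` through `get_input_value()` does not, as far as this diff shows, restrict `$sort_col` and `$sort_order` to known values, and a `_sort` without an underscore leaves `$sort_order` unset because `list()` receives a one-element array. Where the two variables are used is outside the hunk, but if they reach the mailbox listing call they should be checked against fixed sets first. For example `list($sort_col, $sort_order) = array_pad(explode('_', get_input_value('_sort', RCUBE_INPUT_GET), 2), 2, '');` followed by `$sort_order = strtoupper($sort_order) == 'DESC' ? 'DESC' : 'ASC';`. `$sort_col` should additionally be compared against an allow-list of the columns the listing supports.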