From 57f2e16c8d8dae8ed7bfce37fdc8e4014abad315 Mon Sep 17 00:00:00 2001
From: skodak <skodak>
Date: Tue, 23 May 2006 09:02:13 +0000
Subject: [PATCH] extra cleaning of variables; merged from MOODLE_16_STABLE

---
 user/tabs.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/user/tabs.php b/user/tabs.php
index 85dd670723a..a67986f34e5 100644
--- a/user/tabs.php
+++ b/user/tabs.php
@@ -9,6 +9,10 @@
         $filterselect = '';
     }
 
+    //make sure everything is cleaned properly
+    $filtertype   = clean_param($filtertype, PARAM_ALPHA);
+    $filterselect = clean_param($filterselect, PARAM_INT);
+
     if (empty($currenttab) or empty($user) or empty($course)) {
         //error('You cannot call this script in that way');
     }