foreach (array('forum', 'topic_id', 'post_id', 'order', 'pid') as $getint) {
    ${$getint} = isset($HTTP_POST_VARS[$getint]) ? intval($HTTP_POST_VARS[$getint]) : 0;
}
$order = isset($order) ? intval($order) : '';

As you know, 'order' has a string value like "ASC" or "DESC", not an integer value, in the newbb module.
So this code can cause some trouble.
I think this code should be like this:

foreach (array('order', 'etc') as $getstr) {
    ${$getstr} = isset($_POST[$getstr]) ? addslashes(trim($_POST[$getstr])) : '';
}

foreach (array('order', 'etc') as $getstr) {
    ${$getstr} = isset($_GET[$getstr]) ? addslashes(trim($_GET[$getstr])) : '';
}

$order = isset($_GET['order']) ? addslashes(trim($_GET['order'])) : '';
$order = isset($_POST['order']) ? addslashes(trim($_POST['order'])) : '';
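
An added example, not part of the original post and not newbb code: since 'order' only ever needs to be "ASC" or "DESC", it can be checked against a fixed list instead of being escaped, which matters if the value is placed unquoted in an SQL ORDER BY clause, where addslashes() has no effect. The helper names request_int() and request_order() are hypothetical, the sample input is constructed, and PHP 7 or later is assumed.

```php
<?php
// Added example, not newbb code. Helper names are hypothetical.

/** Read an integer parameter from POST, then GET; default 0. */
function request_int(string $name, array $post, array $get): int
{
    $raw = $post[$name] ?? $get[$name] ?? 0;
    // Arrays (e.g. forum[]=1) are not scalar and fall back to 0.
    return is_scalar($raw) ? intval($raw) : 0;
}

/** Read the sort direction; only the two values named in the post pass. */
function request_order(array $post, array $get, string $default = 'ASC'): string
{
    $raw = $post['order'] ?? $get['order'] ?? '';
    if (!is_string($raw)) {
        // order[]=x arrives as an array; trim() would not accept it.
        return $default;
    }
    $value = strtoupper(trim($raw));
    // Strict comparison against a fixed list: anything else is discarded,
    // so no request data ever reaches the query text.
    return in_array($value, ['ASC', 'DESC'], true) ? $value : $default;
}

// Constructed sample input standing in for $_POST and $_GET.
$post = ['forum' => '3', 'topic_id' => '12abc', 'order' => ' desc '];
$get  = ['post_id' => '7'];

// Integer parameters keep the intval() treatment; 'order' is handled apart.
foreach (['forum', 'topic_id', 'post_id', 'pid'] as $name) {
    ${$name} = request_int($name, $post, $get);
}
$order = request_order($post, $get);

var_dump($forum, $topic_id, $post_id, $pid, $order);
```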