Index: trunk/DNSDB.pm
===================================================================
--- trunk/DNSDB.pm	(revision 308)
+++ trunk/DNSDB.pm	(revision 309)
@@ -1463,7 +1463,4 @@
   return ('FAIL',"Need domain status") if !defined($state);
 
-  my %userinfo = @_;	# remaining bits.
-# user ID, username, user full name
-
   $state = 1 if $state =~ /^active$/;
   $state = 1 if $state =~ /^on$/;
@@ -1887,5 +1884,5 @@
   my @zonelist;
 
-  $args{sortorder} = 'ASC' if !grep $args{sortorder}, ('ASC','DESC');
+  $args{sortorder} = 'ASC' if !grep /^$args{sortorder}$/, ('ASC','DESC');
   $args{offset} = 0 if !$args{offset} || $args{offset} !~ /^(?:all|\d+)$/;
 
@@ -1899,5 +1896,5 @@
   # Not as compact, and fix-me-twice if the common bits get wrong, but much easier to read
   if ($args{revrec} eq 'n') {
-    $args{sortby} = 'domain' if !grep $args{sortby}, ('revnet','group','status');
+    $args{sortby} = 'domain' if !grep /^$args{sortby}$/, ('domain','group','status');
     $sql = "SELECT domain_id,domain,status,groups.group_name AS group FROM domains".
 	" INNER JOIN groups ON domains.group_id=groups.group_id".
@@ -1907,5 +1904,5 @@
   } else {
 ##fixme:  arguably startwith here is irrelevant.  depends on the UI though.
-    $args{sortby} = 'revnet' if !grep $args{sortby}, ('domain','group','status');
+    $args{sortby} = 'revnet' if !grep /^$args{sortby}$/, ('revnet','group','status');
     $sql = "SELECT rdns_id,revnet,status,groups.group_name AS group FROM revzones".
 	" INNER JOIN groups ON revzones.group_id=groups.group_id".
@@ -3347,5 +3344,4 @@
 
     if ($rev eq 'n') {
-
 ##fixme:  serial
       $dbh->do("INSERT INTO domains (domain,group_id,status) VALUES (?,?,?)", undef, ($zone,$group,$status) );