- $sort = empty($_REQUEST['sort']) ? $sort : $_REQUEST['sort'];
- $dir = empty($_REQUEST['dir']) ? $dir : $_REQUEST['dir'];
+ $sort = empty($_REQUEST['sort']) || !is_string($_REQUEST['sort']) ? $sort : $_REQUEST['sort'];
+ $dir = empty($_REQUEST['dir']) || !is_string($_REQUEST['dir']) ? $dir : $_REQUEST['dir'];