fixes #847, CVE-2018-5692 protect a few user input variables

This commit is contained in:
plegall
2018-07-11 11:22:31 +02:00
parent 23fa4c1a73
commit 69345c06e2
5 changed files with 8 additions and 0 deletions
+1
View File
@@ -42,6 +42,7 @@ include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
check_status(ACCESS_ADMINISTRATOR);
check_input_parameter('selection', $_POST, true, PATTERN_ID);
check_input_parameter('display', $_REQUEST, false, '/^(\d+|all)$/');
// +-----------------------------------------------------------------------+
// | specific actions |