iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixes #839, check input parameters on admin/tags.php

Browse Source
This commit is contained in:
plegall
2018-02-21 17:34:56 +01:00
parent b6d61a78bb
commit 02275fe275
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
admin/tags.php
View File

@@ -32,6 +32,11 @@ check_status(ACCESS_ADMINISTRATOR);
if (!empty($_POST))
{
check_pwg_token();
check_input_parameter('tags', $_POST, true, PATTERN_ID);
check_input_parameter('selectAction', $_POST, false, '/^(edit|merge|duplicate|delete)$/');
check_input_parameter('edit_list', $_POST, false, '/^\d+(,\d+)*$/');
check_input_parameter('merge_list', $_POST, false, '/^\d+(,\d+)*$/');
check_input_parameter('destination_tag', $_POST, false, PATTERN_ID);
}
// +-----------------------------------------------------------------------+