iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-04-30 18:42:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

fixes #1010 prevent from SQL injection with user input check

Browse Source
This commit is contained in:
plegall
2019-08-12 16:24:27 +02:00
parent fccb6caa75
commit 91349065ea
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
admin/cat_move.php
View File

@@ -31,7 +31,9 @@ if (isset($_POST['submit']))
{
if (count($_POST['selection']) > 0)
{
// TODO: tests
check_input_parameter('selection', $_POST, true, PATTERN_ID);
check_input_parameter('parent', $_POST, false, PATTERN_ID);
move_categories($_POST['selection'], $_POST['parent']);
}
else