iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-05-07 13:55:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

(cp 02275fe) fixes #839, check input parameters on admin/tags.php

Browse Source
This commit is contained in:
plegall
2018-02-22 14:18:59 +01:00
parent 6d2f2a1d0d
commit aee8fa1f8d
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
admin/tags.php
+5
View File
@@ -32,6 +32,11 @@ check_status(ACCESS_ADMINISTRATOR);
if (!empty($_POST))
{
check_pwg_token();
check_input_parameter('tags', $_POST, true, PATTERN_ID);
check_input_parameter('selectAction', $_POST, false, '/^(edit|merge|duplicate|delete)$/');
check_input_parameter('edit_list', $_POST, false, '/^\d+(,\d+)*$/');
check_input_parameter('merge_list', $_POST, false, '/^\d+(,\d+)*$/');
check_input_parameter('destination_tag', $_POST, false, PATTERN_ID);
}
// +-----------------------------------------------------------------------+