From 63fe40a2010c206f71a4faa32000c97e417be145 Mon Sep 17 00:00:00 2001
From: "Paula V. Quispe" <paula.quispe@colosa.com>
Date: Fri, 20 Mar 2015 17:07:06 -0400
Subject: [PATCH] I reviewed untrusted initialization by Cases List clear cache
 built

---
 workflow/engine/methods/setup/appCacheViewAjax.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/workflow/engine/methods/setup/appCacheViewAjax.php b/workflow/engine/methods/setup/appCacheViewAjax.php
index 5b2304b60..3091b7525 100755
--- a/workflow/engine/methods/setup/appCacheViewAjax.php
+++ b/workflow/engine/methods/setup/appCacheViewAjax.php
@@ -43,6 +43,9 @@ function testConnection($type, $server, $user, $passwd, $port = 'none', $dbName
                     if ($Server->errno == 0) {
                         $message = "";
                         $response = $Server->tryConnectServer($type);
+                        $server = $filter->validateInput($server);
+                        $user   = $filter->validateInput($user);
+                        $passwd = $filter->validateInput($passwd);
                         $connDatabase = @mysql_connect($server, $user, $passwd);
                         $dbNameTest = "PROCESSMAKERTESTDC";
                         $dbNameTest = $filter->validateInput($dbNameTest, 'nosql');