fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HOR-285 Now sanitizing input for Process titles.

Browse Source
This commit is contained in:
Chloe Deguzman
2016-03-04 12:45:41 +00:00
parent 591d4f59c4
commit a1cf620cda
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
workflow/engine/src/ProcessMaker/Project/Workflow.php
View File

@@ -66,6 +66,15 @@ class Workflow extends Handler
$data['PRO_CATEGORY'] = array_key_exists('PRO_CATEGORY', $data) ? $data['PRO_CATEGORY'] : ""; $data['PRO_CATEGORY'] = array_key_exists('PRO_CATEGORY', $data) ? $data['PRO_CATEGORY'] : "";
try { try {
// Check to make sure that there aren't any html sneaking into process titles.
$testTitle = strip_tags($data['PRO_TITLE']);
if($testTitle != $data['PRO_TITLE']) {
$data['PRO_TITLE'] = $testTitle;
}
self::log("Create Process with data:", $data); self::log("Create Process with data:", $data);
//validate if process with specified name already exists //validate if process with specified name already exists