fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

validate params sort

Browse Source
This commit is contained in:
Ronald Quenta
2017-08-08 13:41:30 -04:00
parent 496d590f42
commit af6d8389a4
1 changed files with 66 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
workflow/engine/methods/mails/emailsAjax.php
View File

@@ -2,12 +2,7 @@
use ProcessMaker\Exception\RBACException;
$req = (isset($_POST['request']))? $_POST['request']:((isset($_REQUEST['request']))? $_REQUEST['request'] : 'No hayyy tal');
require_once 'classes/model/Content.php';
require_once 'classes/model/AppMessage.php';
require_once 'classes/model/AppDelegation.php';
require_once 'classes/model/Application.php';
$req = (isset($_REQUEST['request']) ? $_REQUEST['request'] : '');
/** @var RBAC $RBAC */
global $RBAC;
@@ -178,6 +173,9 @@ switch($req){
}
if ($sort != '') {
if (!in_array($sort, AppMessagePeer::getFieldNames(BasePeer::TYPE_FIELDNAME))) {
throw new Exception(G::LoadTranslation('ID_INVALID_VALUE_FOR', array('$sort')));
}
if ($dir == 'ASC') {
$criteria->addAscendingOrderByColumn($sort);
} else {