I reviewed the XSS - MEDIUM in 7 files

Paula V. Quispe
2015-03-16 17:26:48 -04:00
parent 4bc49c7568
commit b6fdc8e7be
8 changed files with 34 additions and 8 deletions


@@ -446,11 +446,11 @@ class AdditionalTables extends BaseAdditionalTables
eval('$count = ' . $sClassPeerName . '::doCount($oCriteria);');
}
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$sort = $filter->validateInput($_POST['sort']);
$filter = new InputFilter();
$sClassPeerName = $filter->validateInput($sClassPeerName);
if (isset($_POST['sort'])) {
$_POST['sort'] = $filter->validateInput($_POST['sort']);
if ($_POST['dir'] == 'ASC') {
if ($keyOrderUppercase) {
eval('$oCriteria->addAscendingOrderByColumn("' . $sort . '");');
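Review bot: The `eval` on the last line of this hunk still builds PHP source by concatenating `$sort` into a double-quoted string literal, so the call is only as safe as `validateInput()` is at removing every character that could end that literal. `$sort` appears to come from `$_POST['sort']`, and nothing visible here shows that the filter, which this commit applies for XSS, is designed for a PHP-code context. Calling the method directly removes the code-evaluation sink: `$oCriteria->addAscendingOrderByColumn($sort);`, ideally after checking `$sort` against the table's known column names. The `eval` on the first line of the hunk has the same shape with `$sClassPeerName`, and the enclosing method starts and ends outside the hunk.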