[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Noalyss-commit] [noalyss] 59/238: Security fix : f_id is a number
From: |
Dany De Bontridder |
Subject: |
[Noalyss-commit] [noalyss] 59/238: Security fix : f_id is a number |
Date: |
Sat, 26 Oct 2019 04:40:32 -0400 (EDT) |
sparkyx pushed a commit to annotated tag rel7110
in repository noalyss.
commit 6482988c75ace6b35f1227bbeaa3aea7e426cbac
Author: Dany De Bontridder <address@hidden>
Date: Sat Jun 2 08:28:44 2018 +0200
Security fix : f_id is a number
---
include/category_card.inc.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/category_card.inc.php b/include/category_card.inc.php
index 4e1b993..ce26bc1 100644
--- a/include/category_card.inc.php
+++ b/include/category_card.inc.php
@@ -34,7 +34,7 @@ global $http;
$str_dossier=Dossier::get();
-$root="?".http_build_query(["ac"=>$http->request("ac"),"sb"=>"detail","f_id"=>$http->request("f_id")]);
+$root="?".http_build_query(["ac"=>$http->request("ac"),"sb"=>"detail","f_id"=>$http->request("f_id","number")]);
$root.="&".$str_dossier;
$ss_action=$http->request("sc", "string", "dc");
- [Noalyss-commit] [noalyss] 52/238: Create invoice : New version of libreoffice use the numeric in another way, (continued)
- [Noalyss-commit] [noalyss] 52/238: Create invoice : New version of libreoffice use the numeric in another way, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 65/238: Merge branch 'master' into r700-currency, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 68/238: Documentation, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 76/238: Bug : cannot set group, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 37/238: comment, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 40/238: Fix bug quant_purchase , private fee not saved, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 48/238: Task #448 : add currency to card -> history + export CSV, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 58/238: Fix : security fixes see rapport exakat (Damien Seguy), Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 62/238: translation, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 64/238: Merge master, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 59/238: Security fix : f_id is a number,
Dany De Bontridder <=
- [Noalyss-commit] [noalyss] 74/238: Merge branch 'r700-currency' of gitlab.noalyss.eu:noalyss/noalyss into r700-currency, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 63/238: CFGLED : security fix : remove $_REQUEST, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 66/238: Remove the default "<div class=content>" which lead to cosmetic bug in the plugins, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 75/238: Improve waiting box, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 88/238: FIN : cosmetic : bug due the currency feature in the input there are 2 supplementary rows for total in EUR and CURRENCY. Those rows don't exist for FIN, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 85/238: Currency : financial ledger can be set to a specific currency, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 105/238: Background color, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 107/238: Currency : export PDF and CSV with currency for printing financial ledger listing(oneline), Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 55/238: integrate fix for bug in insert_quant_purchase which cannot save private fee Conflicts: include/sql/patch/upgrade128.sql, Dany De Bontridder, 2019/10/26
- [Noalyss-commit] [noalyss] 60/238: Security fix : f_id is a number, Dany De Bontridder, 2019/10/26