[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Noalyss-commit] [noalyss] 03/05: security : check id
From: |
Dany De Bontridder |
Subject: |
[Noalyss-commit] [noalyss] 03/05: security : check id |
Date: |
Sat, 10 Jan 2015 12:00:08 +0000 |
sparkyx pushed a commit to branch master
in repository noalyss.
commit de78b251357e22305a70aca2063178849064e6db
Author: Dany De Bontridder <address@hidden>
Date: Sat Jan 10 12:43:07 2015 +0100
security : check id
---
html/show_pj.php | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/html/show_pj.php b/html/show_pj.php
index 8cba438..faf4841 100644
--- a/html/show_pj.php
+++ b/html/show_pj.php
@@ -45,6 +45,7 @@ global $g_user;
$g_user=new User($cn);
$g_user->Check();
$g_user->check_dossier($gDossier);
+if ( isNumber($jr_grpt_id) != 0 ) die (_('Données invalides'));
// retrieve the jrn
$r=$cn->exec_sql("select jr_def_id from jrn where jr_grpt_id=$jr_grpt_id");
- [Noalyss-commit] [noalyss] branch master updated (d8e596d -> 37c6068), Dany De Bontridder, 2015/01/10
- [Noalyss-commit] [noalyss] 01/05: Task #1078 - Bug opération prédéfinie pour les opérations diverses To fix the bug, we implement a safer way to get data from _POST, the function Pre_Op_Advance::get_post was not correct, Dany De Bontridder, 2015/01/10
- [Noalyss-commit] [noalyss] 04/05: Task #1079 - Bug : filtre pour client, fournisseur dans gestion Bug : quick filter on column name was broken, Dany De Bontridder, 2015/01/10
- [Noalyss-commit] [noalyss] 05/05: Merge rel6800-xmas, Dany De Bontridder, 2015/01/10
- [Noalyss-commit] [noalyss] 02/05: Traduction, Dany De Bontridder, 2015/01/10
- [Noalyss-commit] [noalyss] 03/05: security : check id,
Dany De Bontridder <=