You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix(validation): add gfrv() calls for id and action fields in bulk handlers
All three action-save blocks (save_associate, save_templates, save_tholds)
now call get_filter_request_var() for id, notification_action,
notification_warning_action, and notification_alert_action before
consuming those values via get_request_var() in prepared-statement params.
Add inline comment on all RLIKE db_qstr() sites documenting the dual
guard: FILTER_VALIDATE_IS_REGEX pre-validates; db_qstr() SQL-escapes.
Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
0 commit comments