Skip to content

Commit

Permalink
Improve validation for filter sort and direction
Browse files Browse the repository at this point in the history 
Fixes #17841
  • Loading branch information
@vboctor @dregad
vboctor authored and dregad committed Nov 25, 2014
1 parent 5d1a57f commit b002167
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions core/filter_api.php
View file
Expand Up @@ -606,8 +606,20 @@ function filter_ensure_valid_filter( $p_filter_arr ) {
unset( $t_fields[$i] );
}
}

# Make sure array is no longer than 2 elements
$t_sort_fields = explode( ',', $p_filter_arr['sort'] );
if( count( $t_sort_fields ) > 2 ) {
$t_sort_fields = array_slice( $t_sort_fields, 0, 2 );
}

# Make sure array is no longer than 2 elements
$t_dir_fields = explode( ',', $p_filter_arr['dir'] );
if( count( $t_dir_fields ) > 2 ) {
$t_dir_fields = array_slice( $t_dir_fields, 0, 2 );
}

# Validate the max of two segments for $t_sort_fields and $t_dir_fields
for( $i = 0;$i < 2;$i++ ) {
if( isset( $t_sort_fields[$i] ) ) {
$t_drop = false;
Expand Down

0 comments on commit b002167

Please sign in to comment.