Skip to content
Permalink
Browse files Browse the repository at this point in the history
fix: security #8829
  • Loading branch information
fmancardi committed Dec 30, 2019
1 parent 146b4f3 commit 942c406
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 3 deletions.
5 changes: 3 additions & 2 deletions lib/plan/newest_tcversions.php
Expand Up @@ -88,11 +88,12 @@ function init_args()

$args = new stdClass();
$args->user_id = $_SESSION['userID'];
$args->tproject_id = $_SESSION['testprojectID'];
$args->tproject_id = intval($_SESSION['testprojectID']);
$args->tproject_name = $_SESSION['testprojectName'];

$args->tplan_id = isset($_REQUEST['tplan_id']) ? $_REQUEST['tplan_id'] : $_SESSION['testplanID'];

$args->tplan_id = intval($args->tplan_id);

$args->id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
$args->version_id = isset($_REQUEST['version_id']) ? $_REQUEST['version_id'] : 0;
$args->level = isset($_REQUEST['level']) ? $_REQUEST['level'] : null;
Expand Down
2 changes: 1 addition & 1 deletion lib/plan/planUpdateTC.php
Expand Up @@ -114,7 +114,7 @@ function init_args(&$tplanMgr)
{
$_REQUEST = strings_stripSlashes($_REQUEST);
$args = new stdClass();
$args->id = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
$args->id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null;
$args->level = isset($_REQUEST['level']) ? $_REQUEST['level'] : null;
$args->doAction = isset($_REQUEST['doAction']) ? $_REQUEST['doAction'] : null;

Expand Down

0 comments on commit 942c406

Please sign in to comment.