Skip to content

Commit b002167

Browse files
vboctordregad
authored andcommitted
Improve validation for filter sort and direction
Fixes #17841
1 parent 5d1a57f commit b002167

File tree

1 file changed

+12
-0
lines changed

1 file changed

+12
-0
lines changed

Diff for: core/filter_api.php

+12
Original file line numberDiff line numberDiff line change
@@ -606,8 +606,20 @@ function filter_ensure_valid_filter( $p_filter_arr ) {
606606
unset( $t_fields[$i] );
607607
}
608608
}
609+
610+
# Make sure array is no longer than 2 elements
609611
$t_sort_fields = explode( ',', $p_filter_arr['sort'] );
612+
if( count( $t_sort_fields ) > 2 ) {
613+
$t_sort_fields = array_slice( $t_sort_fields, 0, 2 );
614+
}
615+
616+
# Make sure array is no longer than 2 elements
610617
$t_dir_fields = explode( ',', $p_filter_arr['dir'] );
618+
if( count( $t_dir_fields ) > 2 ) {
619+
$t_dir_fields = array_slice( $t_dir_fields, 0, 2 );
620+
}
621+
622+
# Validate the max of two segments for $t_sort_fields and $t_dir_fields
611623
for( $i = 0;$i < 2;$i++ ) {
612624
if( isset( $t_sort_fields[$i] ) ) {
613625
$t_drop = false;

0 commit comments

Comments
 (0)