* Fixed validation bug in the reports controller
Emmanuel Kala committed Mar 12, 2011
1 parent d3543fc commit 47c28eb
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion application/controllers/reports.php
Expand Up @@ -51,7 +51,8 @@ public function index($cluster_id = 0)

// Get incident_ids if we are to filter by category
$allowed_ids = array();
if (isset($_GET['c']) AND !empty($_GET['c']) AND $_GET['c']!=0)

if (isset($_GET['c']) AND !empty($_GET['c']) AND is_int($_GET['c']) AND (int)$_GET['c'] > 0)
{
$category_id = $db->escape($_GET['c']);
$query = 'SELECT ic.incident_id AS incident_id FROM '.$this->table_prefix.'incident_category AS ic INNER JOIN '.$this->table_prefix.'category AS c ON (ic.category_id = c.id) WHERE c.id='.$category_id.' OR c.parent_id='.$category_id.';';
Expand All @@ -62,6 +63,10 @@ public function index($cluster_id = 0)
$allowed_ids[] = $items->incident_id;
}
}
elseif ( ! empty($_GET['c']) AND !is_int($_GET['c']))
{
$allowed_ids[] = -1;
}

// Get location_ids if we are to filter by location
$location_ids = array();
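Review bot: The `is_int($_GET['c'])` test added to the `if` condition can never be true, because PHP delivers query-string values as strings (or arrays), never as integers. The category branch is therefore skipped for every request, and the new `elseif` pushes `-1` into `$allowed_ids` for any non-empty `c`, including valid category ids, so a category filter appears to always yield no reports. Replace both `is_int($_GET['c'])` calls with `filter_var($_GET['c'], FILTER_VALIDATE_INT) !== FALSE`, which also rejects array input such as `c[]=1`. Once the value is validated, assigning `$category_id = (int) $_GET['c'];` before building the concatenated query keeps the SQL from depending on how `$db->escape()` quotes its argument. The body of `index()` starts and ends outside the visible hunks.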
