Skip to content
Permalink
Browse files Browse the repository at this point in the history
filtering the update key a bit better
  • Loading branch information
caseysoftware committed Apr 30, 2014
1 parent eead99b commit ab5ba92
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions do_updatecontact.php
Expand Up @@ -7,6 +7,7 @@
$AppUI = new w2p_Core_CAppUI();

$updatekey = w2PgetParam($_POST, 'updatekey', 0);
$updatekey = preg_replace("/[^A-Za-z0-9]/", "", $updatekey);
$contact_id = (int) CContact::getContactByUpdatekey($updatekey);

if (!$contact_id) {
Expand Down
1 change: 1 addition & 0 deletions updatecontact.php
Expand Up @@ -6,6 +6,7 @@
$AppUI = new w2p_Core_CAppUI();

$updatekey = w2PgetParam($_GET, 'updatekey', 0);
$updatekey = preg_replace("/[^A-Za-z0-9]/", "", $updatekey);
$contact_id = CContact::getContactByUpdatekey($updatekey);

$company_id = intval(w2PgetParam($_REQUEST, 'company_id', 0));
Expand Down

0 comments on commit ab5ba92

Please sign in to comment.