mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-24 08:22:07 +02:00
Code Issues Releases Wiki Activity

Issue #4576 Added pattern validation to extended field name input to prevent possible SQL errors.

Browse Source
This commit is contained in:
Cameron
2021-11-26 09:46:18 -08:00
parent 9d6a9611e2
commit 0830d730f6
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
e107_admin/users_extended.php
View File

@@ -929,8 +929,8 @@ e107::js('footer-inline', js());
$field = [];
$field['type'] = 'text';
$field['writeParms'] = $att;
$field['pattern'] = '[0-9a-z_]*';
return $this->renderElement('user_extended_struct_name', $curVal, $field);
break;