diff options
author | Phil Davis <phil.davis@inf.org> | 2017-04-17 21:17:19 +0545 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2017-04-20 15:48:41 -0300 |
commit | 79a2945a2c54f3f9864326f1f2dad3a58c11f485 (patch) | |
tree | de3d176cebd3befa177ef6f05e3cea686eeaddf9 /src/usr/local/www/system_advanced_notifications.php | |
parent | 7f8e4d5f36a12406b114a0eb318a3bb5f45213fa (diff) | |
download | pfsense-79a2945a2c54f3f9864326f1f2dad3a58c11f485.zip pfsense-79a2945a2c54f3f9864326f1f2dad3a58c11f485.tar.gz |
Do input validation on the actual array passed in
I was tearing my hair out for a while. If do_input_validation() is passed some array of keys/values that has been assembled elsewhere (not $_POST, $_GET or $_REQUEST superglobals) then it does not work. The code here, for at least the last 7 years, has actually been checking the array keys in the "hard-coded" superglobals. That is a bit surprising, since the array to be checked is passed in as $postdata parameter.
(cherry picked from commit 4df266f5bcea2e6804799e6c3db06cbc98366e42)
Diffstat (limited to 'src/usr/local/www/system_advanced_notifications.php')
0 files changed, 0 insertions, 0 deletions