security/core#14 Validate "context" inputs

[civicrm-core.git] / CRM / Case / Form / CaseView.php

diff --git a/CRM/Case/Form/CaseView.php b/CRM/Case/Form/CaseView.php
index 3b5ae3167d7fd77eefa566cfaafdd97009f8554f..ba7814ec0f0f2beaf6d52744db3ed447ce255cb6 100644 (file)
--- a/CRM/Case/Form/CaseView.php
+++ b/CRM/Case/Form/CaseView.php
@@ -77,7 +77,7 @@ class CRM_Case_Form_CaseView extends CRM_Core_Form {
       CRM_Core_Error::fatal(ts('You are not authorized to access this page.'));
     }
 
-    $fulltext = CRM_Utils_Request::retrieve('context', 'String');
+    $fulltext = CRM_Utils_Request::retrieve('context', 'Alphanumeric');
     if ($fulltext == 'fulltext') {
       $this->assign('fulltext', $fulltext);
     }