security/core#14 Validate "context" inputs

[civicrm-core.git] / CRM / Case / Page / Tab.php

diff --git a/CRM/Case/Page/Tab.php b/CRM/Case/Page/Tab.php
index 52d84e8c768d0357df5005b62361a7e10348f074..650122db0551f054bd0b7c90d056fd0e3d19fe22 100644 (file)
--- a/CRM/Case/Page/Tab.php
+++ b/CRM/Case/Page/Tab.php
@@ -59,7 +59,7 @@ class CRM_Case_Page_Tab extends CRM_Core_Page {
     }
 
     $this->_id = CRM_Utils_Request::retrieve('id', 'Positive', $this);
-    $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this);
+    $this->_context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this);
 
     if ($this->_contactId) {
       $this->assign('contactId', $this->_contactId);
@@ -178,7 +178,7 @@ class CRM_Case_Page_Tab extends CRM_Core_Page {
    */
   public function run() {
     $contactID = CRM_Utils_Request::retrieve('cid', 'Positive', CRM_Core_DAO::$_nullArray);
-    $context = CRM_Utils_Request::retrieve('context', 'String', $this);
+    $context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this);
 
     if ($context == 'standalone' && !$contactID) {
       $this->_action = CRM_Core_Action::ADD;