security/core#14 Validate "context" inputs

[civicrm-core.git] / CRM / Contact / Form / Search.php

diff --git a/CRM/Contact/Form/Search.php b/CRM/Contact/Form/Search.php
index e689bc8f2cc1c3c4564efd3106ff99ca5d5e9e67..5b9a2079dd6441351d4cceba97b553723a600240 100644 (file)
--- a/CRM/Contact/Form/Search.php
+++ b/CRM/Contact/Form/Search.php
@@ -555,7 +555,7 @@ class CRM_Contact_Form_Search extends CRM_Core_Form_Search {
     }
 
     // assign context to drive the template display, make sure context is valid
-    $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this, FALSE, 'search');
+    $this->_context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this, FALSE, 'search');
     if (!CRM_Utils_Array::value($this->_context, self::validContext())) {
       $this->_context = 'search';
     }