security/core#14 Validate "context" inputs

[civicrm-core.git] / CRM / Contact / Page / DedupeRules.php

diff --git a/CRM/Contact/Page/DedupeRules.php b/CRM/Contact/Page/DedupeRules.php
index ac21c9ce79aaa5e0e0de18e240680466c35a821a..a54cda57fcdad49918155945a0d925e43ca1cfba 100644 (file)
--- a/CRM/Contact/Page/DedupeRules.php
+++ b/CRM/Contact/Page/DedupeRules.php
@@ -101,7 +101,7 @@ class CRM_Contact_Page_DedupeRules extends CRM_Core_Page_Basic {
   public function run() {
     $id = $this->getIdAndAction();
 
-    $context = CRM_Utils_Request::retrieve('context', 'String', $this, FALSE);
+    $context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this, FALSE);
     if ($context == 'nonDupe') {
       CRM_Core_Session::setStatus(ts('Selected contacts have been marked as not duplicates'), ts('Changes Saved'), 'success');
     }