projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
security/core#14 Validate "context" inputs
[civicrm-core.git] / CRM / Contribute / Page / Tab.php
diff --git a/CRM/Contribute/Page/Tab.php b/CRM/Contribute/Page/Tab.php
index a2f1a578f8b1b491505ed09b6946bf8642f9e333..5dabc4f2b8f88a5e87eef1bf2da26073f0aacbb6 100644 (file)
--- a/CRM/Contribute/Page/Tab.php
+++ b/CRM/Contribute/Page/Tab.php
@@ -313,7 +313,7 @@ class CRM_Contribute_Page_Tab extends CRM_Core_Page {
   }
 
   public function preProcess() {
-    $context = CRM_Utils_Request::retrieve('context', 'String', $this);
+    $context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this);
     $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE, 'browse');
     $this->_id = CRM_Utils_Request::retrieve('id', 'Positive', $this);
 
@@ -371,7 +371,7 @@ class CRM_Contribute_Page_Tab extends CRM_Core_Page {
 
   public function setContext() {
     $qfKey = CRM_Utils_Request::retrieve('key', 'String', $this);
-    $context = CRM_Utils_Request::retrieve('context', 'String',
+    $context = CRM_Utils_Request::retrieve('context', 'Alphanumeric',
       $this, FALSE, 'search'
     );
     $compContext = CRM_Utils_Request::retrieve('compContext', 'String', $this);