security/core#14 Validate "context" inputs

[civicrm-core.git] / CRM / Mailing / Page / Event.php

diff --git a/CRM/Mailing/Page/Event.php b/CRM/Mailing/Page/Event.php
index 90aef4ec1e9579493bca865b8ef49089d17403ee..c0db83a0ed37aa229e1a9ebe445d7d4b480fb47f 100644 (file)
--- a/CRM/Mailing/Page/Event.php
+++ b/CRM/Mailing/Page/Event.php
@@ -63,7 +63,7 @@ class CRM_Mailing_Page_Event extends CRM_Core_Page {
     // check that the user has permission to access mailing id
     CRM_Mailing_BAO_Mailing::checkPermission($mailing_id);
 
-    $context = CRM_Utils_Request::retrieve('context', 'String', $this);
+    $context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this);
 
     if ($context == 'activitySelector') {
       $cid = CRM_Utils_Request::retrieve('cid', 'Positive', $this);