projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
security/core#14 Validate "context" inputs
[civicrm-core.git] / CRM / UF / Page / Group.php
diff --git a/CRM/UF/Page/Group.php b/CRM/UF/Page/Group.php
index e4bfb1b2fd404be7bbf73049f7ecc8303f539e3e..c87feb2e6da3f3394b45a6edbfca044981bee104 100644 (file)
--- a/CRM/UF/Page/Group.php
+++ b/CRM/UF/Page/Group.php
@@ -1,9 +1,9 @@
 <?php
 /*
  +--------------------------------------------------------------------+
- | CiviCRM version 4.7                                                |
+ | CiviCRM version 5                                                  |
  +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2017                                |
+ | Copyright CiviCRM LLC (c) 2004-2018                                |
  +--------------------------------------------------------------------+
  | This file is a part of CiviCRM.                                    |
  |                                                                    |
@@ -28,7 +28,7 @@
 /**
  *
  * @package CRM
- * @copyright CiviCRM LLC (c) 2004-2017
+ * @copyright CiviCRM LLC (c) 2004-2018
  * $Id$
  *
  */
@@ -406,7 +406,7 @@ class CRM_UF_Page_Group extends CRM_Core_Page {
    * @param $action
    */
   public function setContext($id, $action) {
-    $context = CRM_Utils_Request::retrieve('context', 'String', $this);
+    $context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this);
 
     //we need to differentiate context for update and preview profile.
     if (!$context && !($action & (CRM_Core_Action::UPDATE | CRM_Core_Action::PREVIEW))) {