From: Pradeep Nayak <pradpnayak@gmail.com>
Date: Tue, 25 Aug 2015 20:45:58 +0000 (+0530)
Subject: --CRM-16906, applied Joe's commit https://github.com/civicrm/civicrm-core/commit... 
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=78dd2103fe9e5fa41fcbf7c18376b6e500bd5126;p=civicrm-core.git

--CRM-16906, applied Joe's commit https://github.com/civicrm/civicrm-core/commit/663893bd24126e3c9e89e0f66195805bb71b7a50
---

diff --git a/CRM/Campaign/BAO/Petition.php b/CRM/Campaign/BAO/Petition.php
index bb952463e1..55f411550c 100644
--- a/CRM/Campaign/BAO/Petition.php
+++ b/CRM/Campaign/BAO/Petition.php
@@ -267,15 +267,21 @@ AND         tag_id = ( SELECT id FROM civicrm_tag WHERE name = %2 )";
       2 => array($tag_name, 'String'),
     );
     CRM_Core_DAO::executeQuery($sql, $params);
-
-    // set permanent cookie to indicate this users email address now confirmed
-    setcookie("confirmed_{$petition_id}",
-      $activity_id,
-      time() + $this->cookieExpire,
-      '/'
-    );
-
-    return TRUE;
+    // validate arguments to setcookie are numeric to prevent header manipulation
+    if (isset($petition_id) && is_numeric($petition_id)
+      && isset($activity_id) && is_numeric($activity_id)) {
+      // set permanent cookie to indicate this users email address now confirmed
+      setcookie("confirmed_{$petition_id}",
+        $activity_id,
+        time() + $this->cookieExpire,
+        '/'
+      );
+      return TRUE;
+    }
+    else {
+      // TODO: raise an error?
+      return FALSE;
+    }
   }
 
   /**