Skip to:
Content

bbPress.org

Changeset 5588


Ignore:
Timestamp:
01/10/2015 10:55:39 PM (10 years ago)
Author:
johnjamesjacoby
Message:

Use sanitize_key() in bbp_get_form_reply_status_dropdown() to ensure value is within expected boundaries. See #2742.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/includes/replies/template.php

    r5561 r5588  
    28022802            // Post value is passed
    28032803            if ( bbp_is_reply_form_post_request() && isset( $_POST[ $r['select_id'] ] ) ) {
    2804                 $r['selected'] = $_POST[ $r['select_id'] ];
     2804                $r['selected'] = sanitize_key( $_POST[ $r['select_id'] ] );
    28052805
    28062806            // No Post value was passed
Note: See TracChangeset for help on using the changeset viewer.