AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix injection with role id affecting authenticated admin accounts only

This commit is contained in:
johnnyq 2025-08-04 12:06:05 -04:00
parent e8af173b4f
commit b4e5e3fda7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
admin/post/roles.php
View File

@ -30,7 +30,7 @@ if (isset($_POST['edit_role'])) {
validateCSRFToken($_POST['csrf_token']); validateCSRFToken($_POST['csrf_token']);
$role_id = sanitizeInput($_POST['role_id']); $role_id = intval($_POST['role_id']);
$name = sanitizeInput($_POST['role_name']); $name = sanitizeInput($_POST['role_name']);
$description = sanitizeInput($_POST['role_description']); $description = sanitizeInput($_POST['role_description']);
$admin = intval($_POST['role_is_admin']); $admin = intval($_POST['role_is_admin']);