Commit fcf5eaadcc8409207298b6f4893b777f7ab5b870
1 parent
055d53ff
Use validateString on the workflow name given.
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@4470 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
9 additions
and
2 deletions
plugins/ktcore/admin/workflows.php
| @@ -132,9 +132,16 @@ class KTWorkflowDispatcher extends KTStandardDispatcher { | @@ -132,9 +132,16 @@ class KTWorkflowDispatcher extends KTStandardDispatcher { | ||
| 132 | 132 | ||
| 133 | // {{{ do_newWorkflow | 133 | // {{{ do_newWorkflow |
| 134 | function do_newWorkflow() { | 134 | function do_newWorkflow() { |
| 135 | + $aErrorOptions = array( | ||
| 136 | + 'redirect_to' => array('main'), | ||
| 137 | + 'message' => 'No name given', | ||
| 138 | + ); | ||
| 139 | + $sName = KTUtil::arrayGet($_REQUEST, 'fName'); | ||
| 140 | + $sName = $this->oValidator->validateString($sName, | ||
| 141 | + $aErrorOptions); | ||
| 135 | $res = KTWorkflow::createFromArray(array( | 142 | $res = KTWorkflow::createFromArray(array( |
| 136 | - 'name' => $_REQUEST['fName'], | ||
| 137 | - 'humanname' => $_REQUEST['fName'], | 143 | + 'name' => $sName, |
| 144 | + 'humanname' => $sName, | ||
| 138 | )); | 145 | )); |
| 139 | $this->oValidator->notError($res, array( | 146 | $this->oValidator->notError($res, array( |
| 140 | 'redirect_to' => array('main'), | 147 | 'redirect_to' => array('main'), |