Fix possible serious errors in dynamic form fields
Fix dropping of materialized view when variable name is changed Ensure view exists before merging updates Prevent possible sql injection error in field name used in the materialized view. Prevent possible xss error in the display of the field label and variable name in the admin panel.
Showing
- include/ajax.tickets.php 4 additions, 3 deletionsinclude/ajax.tickets.php
- include/class.dynamic_forms.php 18 additions, 11 deletionsinclude/class.dynamic_forms.php
- include/staff/dynamic-form.inc.php 3 additions, 2 deletionsinclude/staff/dynamic-form.inc.php
- scp/forms.php 2 additions, 0 deletionsscp/forms.php
Loading
Please register or sign in to comment