From cd74b8548f0f9217102db1eec9cb6ca5616f6fd5 Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Thu, 12 Feb 2015 14:39:36 +0000
Subject: merge r30952 from trunk to branch 2.7

bug 3202 fixed: additional input check for filter_level


git-svn-id: http://piwigo.org/svn/branches/2.7@30953 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 admin/batch_manager.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/admin/batch_manager.php b/admin/batch_manager.php
index bd64437c8..257b11bb9 100644
--- a/admin/batch_manager.php
+++ b/admin/batch_manager.php
@@ -116,6 +116,8 @@ if (isset($_POST['submitFilter']))
 
   if (isset($_POST['filter_level_use']))
   {
+    check_input_parameter('filter_level', $_POST, false, '/^\d+$/');
+    
     if (in_array($_POST['filter_level'], $conf['available_permission_levels']))
     {
       $_SESSION['bulk_manager_filter']['level'] = $_POST['filter_level'];
-- 
cgit v1.2.3