merge r30952 from trunk to branch 2.7

bug 3202 fixed: additional input check for filter_level git-svn-id: http://piwigo.org/svn/branches/2.7@30953 68402e56-0260-453c-a942-63ccdbb3a9ee
author: plegall <plg@piwigo.org> 2015-02-12 14:39:36 +0000
committer: plegall <plg@piwigo.org> 2015-02-12 14:39:36 +0000
commit: cd74b8548f0f9217102db1eec9cb6ca5616f6fd5 (patch)
tree: 63ba1c6fafb311e01649d2939f5aaf4fef3d2b79
parent: c0608565dabae6b25456ff6f665b0cd0f5afae4b (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/admin/batch_manager.php b/admin/batch_manager.php
index bd64437c8..257b11bb9 100644
--- a/admin/batch_manager.php
+++ b/admin/batch_manager.php
@@ -116,6 +116,8 @@ if (isset($_POST['submitFilter']))
 
   if (isset($_POST['filter_level_use']))
   {
+    check_input_parameter('filter_level', $_POST, false, '/^\d+$/');
+    
     if (in_array($_POST['filter_level'], $conf['available_permission_levels']))
     {
       $_SESSION['bulk_manager_filter']['level'] = $_POST['filter_level'];
author	plegall <plg@piwigo.org>	2015-02-12 14:39:36 +0000
committer	plegall <plg@piwigo.org>	2015-02-12 14:39:36 +0000
commit	cd74b8548f0f9217102db1eec9cb6ca5616f6fd5 (patch)
tree	63ba1c6fafb311e01649d2939f5aaf4fef3d2b79
parent	c0608565dabae6b25456ff6f665b0cd0f5afae4b (diff)