tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-07-22 18:28:37 +00:00
Code Releases Activity

Safe work

Browse Source
This commit is contained in:
Unknwon
2014-10-25 07:50:19 -04:00
parent f1d8746264
commit 83283bca4c
6 changed files with 40 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
models/issue.go
View File

@@ -211,7 +211,10 @@ func GetIssues(uid, rid, pid, mid int64, page int, isClosed bool, labelIds, sort
if len(labelIds) > 0 {
for _, label := range strings.Split(labelIds, ",") {
sess.And("label_ids like '%$" + label + "|%'")
// Prevent SQL inject.
if com.StrTo(label).MustInt() > 0 {
sess.And("label_ids like '%$" + label + "|%'")
}
}
}