From 6908c07fb9514d582f683e38a0c7a8cf4861c6e6 Mon Sep 17 00:00:00 2001
From: Dries <dries@buytaert.net>
Date: Thu, 9 Aug 2012 16:21:01 -0400
Subject: [PATCH] - Patch #1684976 by droplet, timmillwood: Better validation
 for statistics.php.

---
 core/modules/statistics/statistics.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/modules/statistics/statistics.php b/core/modules/statistics/statistics.php
index 6ccc96d225a7..87e3daebeccb 100644
--- a/core/modules/statistics/statistics.php
+++ b/core/modules/statistics/statistics.php
@@ -17,8 +17,8 @@
 drupal_bootstrap(DRUPAL_BOOTSTRAP_VARIABLES);
 
 if (config('statistics.settings')->get('count_content_views')) {
-  $nid = $_POST['nid'];
-  if (is_numeric($nid)) {
+  $nid = filter_input(INPUT_POST, 'nid', FILTER_VALIDATE_INT);
+  if ($nid) {
     db_merge('node_counter')
       ->key(array('nid' => $nid))
       ->fields(array(
-- 
GitLab