Made the issue stats query more secure with parameterized placeholders (#2895)

2016-04-26 06:07:49 +02:00 · 2016-04-26 06:07:49 +02:00 · dfad51fe9e
commit dfad51fe9e
parent 7049cb9d97
2 changed files with 88 additions and 65 deletions
--- a/routers/repo/issue.go
+++ b/routers/repo/issue.go
@ -146,7 +146,7 @@ func Issues(ctx *context.Context) {
 	issueStats := models.GetIssueStats(&models.IssueStatsOptions{
 		RepoID:      repo.ID,
 		UserID:      uid,
-		LabelID:     com.StrTo(selectLabels).MustInt64(),
+		Labels:      selectLabels,
 		MilestoneID: milestoneID,
 		AssigneeID:  assigneeID,
 		FilterMode:  filterMode,