diff --git a/web/includes/actions/eventdetail.php b/web/includes/actions/eventdetail.php index c0507776f..561c2cb78 100644 --- a/web/includes/actions/eventdetail.php +++ b/web/includes/actions/eventdetail.php @@ -31,7 +31,7 @@ if ( !canEdit('Events') ) { if ( $action == 'eventdetail' ) { $dbConn->beginTransaction(); - foreach ( getAffectedIds('markEid') as $markEid ) { + foreach ( $_REQUEST['markEids'] as $markEid ) { dbQuery('UPDATE Events SET Cause=?, Notes=? WHERE Id=?', array( $_REQUEST['newEvent']['Cause'], diff --git a/web/skins/classic/views/eventdetail.php b/web/skins/classic/views/eventdetail.php index 1afe23d9f..388c7cfb2 100644 --- a/web/skins/classic/views/eventdetail.php +++ b/web/skins/classic/views/eventdetail.php @@ -33,7 +33,7 @@ if ( isset($_REQUEST['eid']) ) { $sqlValues = array(); foreach ( $_REQUEST['eids'] as $eid ) { $sqlWhere[] = 'E.Id = ?'; - $sqlValues[] = $eid; + $sqlValues[] = validInt($eid); } unset($eid); $sql .= join(' OR ', $sqlWhere); @@ -80,14 +80,14 @@ if ( $mode == 'single' ) { - + - +