diff --git a/web/includes/actions/eventdetail.php b/web/includes/actions/eventdetail.php
index c0507776f..561c2cb78 100644
--- a/web/includes/actions/eventdetail.php
+++ b/web/includes/actions/eventdetail.php
@@ -31,7 +31,7 @@ if ( !canEdit('Events') ) {
if ( $action == 'eventdetail' ) {
$dbConn->beginTransaction();
- foreach ( getAffectedIds('markEid') as $markEid ) {
+ foreach ( $_REQUEST['markEids'] as $markEid ) {
dbQuery('UPDATE Events SET Cause=?, Notes=? WHERE Id=?',
array(
$_REQUEST['newEvent']['Cause'],
diff --git a/web/skins/classic/views/eventdetail.php b/web/skins/classic/views/eventdetail.php
index 1afe23d9f..388c7cfb2 100644
--- a/web/skins/classic/views/eventdetail.php
+++ b/web/skins/classic/views/eventdetail.php
@@ -33,7 +33,7 @@ if ( isset($_REQUEST['eid']) ) {
$sqlValues = array();
foreach ( $_REQUEST['eids'] as $eid ) {
$sqlWhere[] = 'E.Id = ?';
- $sqlValues[] = $eid;
+ $sqlValues[] = validInt($eid);
}
unset($eid);
$sql .= join(' OR ', $sqlWhere);
@@ -80,14 +80,14 @@ if ( $mode == 'single' ) {
-
+
-
+