diff options
| -rwxr-xr-x | httemplate/search/report_tax-xls.cgi | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/httemplate/search/report_tax-xls.cgi b/httemplate/search/report_tax-xls.cgi index 07fcf7cfe..c914d5adc 100755 --- a/httemplate/search/report_tax-xls.cgi +++ b/httemplate/search/report_tax-xls.cgi @@ -24,8 +24,9 @@ if ( $cgi->param('agentnum') =~ /^(\d+)$/ ) { $agentname = $agent->agentname; } -if ( $cgi->param('taxname') =~ /^([\w ]+)$/ ) { - $params{taxname} = $1; +# allow anything in here; FS::Report::Tax will treat it as unsafe +if ( length($cgi->param('taxname')) ) { + $params{taxname} = $cgi->param('taxname'); } else { die "taxname required"; } |