fix XSS

[freeside.git] / FS / FS / ClientAPI / MyAccount.pm

diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm
index 3f7c004..d07b383 100644 (file)
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -2037,6 +2037,9 @@ sub _usage_details {
     $p->{ending}    = $end;
   }
 
+  die "illegal beginning" if $beginning !~ /^\d*$/;
+  die "illegal ending"    if $ending    !~ /^\d*$/;
+
   my (@usage) = &$callback($svc_x, $p->{beginning}, $p->{ending}, 
     %callback_opt
   );