From 599995edbc4e097099b6973efde1735457aa84e7 Mon Sep 17 00:00:00 2001
From: steinm <steinm@577cc39b-cfd1-4aa2-8bc3-eda205cea05a>
Date: Thu, 1 Dec 2011 21:36:00 +0000
Subject: [PATCH] - use preg_replace() instead of sanitizeString()

---
 op/op.AddMultiDocument.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/op/op.AddMultiDocument.php b/op/op.AddMultiDocument.php
index 0ddc53fe6..f22e4a951 100644
--- a/op/op.AddMultiDocument.php
+++ b/op/op.AddMultiDocument.php
@@ -168,7 +168,7 @@ if( move_uploaded_file( $source_file_path, $target_file_path ) ) {
 		else
 			$name = basename($userfilename);
 
-		$categories = sanitizeString($_POST["categoryids"]);
+		$categories = preg_replace('/[^0-9,]+/', '', $_POST["categoryids"]);
 		$cats = array();
 		if($categories) {
 			$catids = explode(',', $categories);