From 88e0dcc58dbae9d5aa7c3e3dfb365d749063f4d7 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Mon, 27 Sep 2021 10:08:20 +0200
Subject: [PATCH] check if passed id > 0 in getWorkflow(), getWorkflowAction(),
 getWorkflowState()

---
 SeedDMS_Core/Core/inc.ClassDMS.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/SeedDMS_Core/Core/inc.ClassDMS.php b/SeedDMS_Core/Core/inc.ClassDMS.php
index ef1b5b48d..8637f4b82 100644
--- a/SeedDMS_Core/Core/inc.ClassDMS.php
+++ b/SeedDMS_Core/Core/inc.ClassDMS.php
@@ -2728,7 +2728,7 @@ class SeedDMS_Core_DMS {
 	 * @return SeedDMS_Core_Workflow|bool of instances of {@link SeedDMS_Core_Workflow}, null if no workflow was found or false
 	 */
 	function getWorkflow($id) { /* {{{ */
-		if (!is_numeric($id))
+		if (!is_numeric($id) || $id < 1)
 			return false;
 
 		$queryStr = "SELECT * FROM `tblWorkflows` WHERE `id`=".intval($id);
@@ -2807,7 +2807,7 @@ class SeedDMS_Core_DMS {
 	 * @return bool|SeedDMS_Core_Workflow_State or false
 	 */
 	function getWorkflowState($id) { /* {{{ */
-		if (!is_numeric($id))
+		if (!is_numeric($id) || $id < 1)
 			return false;
 
 		$queryStr = "SELECT * FROM `tblWorkflowStates` WHERE `id` = " . (int) $id;
@@ -2907,7 +2907,7 @@ class SeedDMS_Core_DMS {
 	 * @return SeedDMS_Core_Workflow_Action|bool instance of {@link SeedDMS_Core_Workflow_Action} or false
 	 */
 	function getWorkflowAction($id) { /* {{{ */
-		if (!is_numeric($id))
+		if (!is_numeric($id) || $id < 1)
 			return false;
 
 		$queryStr = "SELECT * FROM `tblWorkflowActions` WHERE `id` = " . (int) $id;