From 9d5e11a0c4f1ad41eec31b4ee76ce7c2f6dca429 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Sun, 18 Feb 2024 17:07:21 +1100
Subject: [PATCH] Enforce columns that we can sort on

---
 app/Filters/PaymentFilters.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/Filters/PaymentFilters.php b/app/Filters/PaymentFilters.php
index 038bc114375c..5c0b733f9398 100644
--- a/app/Filters/PaymentFilters.php
+++ b/app/Filters/PaymentFilters.php
@@ -12,8 +12,9 @@
 namespace App\Filters;
 
 use App\Models\Payment;
-use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Carbon;
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Eloquent\Builder;
 
 /**
  * PaymentFilters.
@@ -163,7 +164,7 @@ class PaymentFilters extends QueryFilters
     {
         $sort_col = explode('|', $sort);
 
-        if (!is_array($sort_col) || count($sort_col) != 2) {
+        if (!is_array($sort_col) || count($sort_col) != 2 || !in_array($sort_col, Schema::getColumnListing('payments'))) {
             return $this->builder;
         }