From 4581b8cd66fb915f98b383bb0a228a7c37e0f3f6 Mon Sep 17 00:00:00 2001
From: Bernd Bestel <bernd@berrnd.de>
Date: Thu, 16 Apr 2026 23:30:20 +0200
Subject: [PATCH] Properly filter product-group query parameter

---
 controllers/StockReportsController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/controllers/StockReportsController.php b/controllers/StockReportsController.php
index 96a327d6..d30a5d4f 100644
--- a/controllers/StockReportsController.php
+++ b/controllers/StockReportsController.php
@@ -37,7 +37,7 @@ class StockReportsController extends BaseController
 				{
 					$where .= ' AND pg.id IS NULL';
 				}
-				elseif ($request->getQueryParams()['product-group'] != 'all')
+				elseif ($request->getQueryParams()['product-group'] != 'all' && filter_var($request->getQueryParams()['product-group'], FILTER_VALIDATE_INT) !== false)
 				{
 					$where .= ' AND pg.id = ' . $request->getQueryParams()['product-group'];
 				}