From 32371c5a9357fde2402fc9d96e82ceb5814cd3b6 Mon Sep 17 00:00:00 2001
From: Jos Groot Lipman <jos.grootlipman@aareon.nl>
Date: Wed, 3 Dec 2025 14:22:56 +0000
Subject: [PATCH] BLCC#91763 AiAi op publiceren melding als bericht => AI SQL
 Injection

svn path=/Website/branches/v2025.4/; revision=71136
---
 APPL/MSG/fac_edit_nieuws.asp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/APPL/MSG/fac_edit_nieuws.asp b/APPL/MSG/fac_edit_nieuws.asp
index ec04dfa8ff..f59ea5059f 100644
--- a/APPL/MSG/fac_edit_nieuws.asp
+++ b/APPL/MSG/fac_edit_nieuws.asp
@@ -97,14 +97,18 @@ if (nieuws_key === -1 && mld_key > 0) {
     var result = shared.promptAI(JSON.stringify(input), { "instructions": L("lcl_mld_publish_portal_message_instructions"), "response_format": "json_object" });
     if (result.success) {
       try {
+        __Log(result.content);
         var content = JSON.parse(result.content);
         subject = content.onderwerp || null;
-        fac_nieuws_groep_key = content.categorie || null;
+        var fac_nieuws_groep_key = null;
+        fac_nieuws_groep_key = parseInt(content.categorie, 10) || null; // In theorie kan AI nog steeds een ongeldige categorie_key teruggeven. Dat negeren we
         image = content.icon || null;
         mess_dsc = content.berichttekst || null;
         totdate = (content.periode_tot || null) === null ? null : new Date(content.periode_tot || null);
       } catch (e) {
         // Dan niet
+        __DoLog("Prompt AI returned invalid JSON: " + e.description);
+        __DoLog(result.content);
       }
     }
   }