don't sanitize numerical values

Author: gondzo

src/routes/projects/create.js

@@ -79,8 +79,8 @@ module.exports = [
       external: null,
       utm: null,
     });
-    traverse(project).forEach(function (x) {
-      if (this.isLeaf) this.update(req.sanitize(x));
+    traverse(project).forEach((x) => {
+      if (this.isLeaf && typeof x === 'string') this.update(req.sanitize(x));
     });
     // override values
     _.assign(project, {

src/routes/projects/update.js

@@ -122,8 +122,8 @@ module.exports = [
     const projectId = _.parseInt(req.params.projectId);
     // prune any fields that cannot be updated directly
     updatedProps = _.omit(updatedProps, ['createdBy', 'createdAt', 'updatedBy', 'updatedAt', 'id']);
-    traverse(updatedProps).forEach(function (x) {
-      if (this.isLeaf) this.update(req.sanitize(x));
+    traverse(updatedProps).forEach((x) => {
+      if (this.isLeaf && typeof x === 'string') this.update(req.sanitize(x));
     });
     let previousValue;
     models.sequelize.transaction(() => models.Project.findOne({