The code in the download reports controller uses OR's when creating the where statement to filter reports. This means that the resultant SQL is inclusive, not exclusive. A lot of deployments mark reports that are too sensitive for public consumption as "unapproved", and thus an inclusive filtering is a security risk. In general I find myself biased towards exclusive filtering, but I suppose that's personal preference.

For example if a user unchecks the "Reports Awaiting Approval" option, but leave an unrelated field checked, say "Verified Reports", then the CSV file will have all the reports that are verified, even the ones that are verified but not approved. In my opinion this is pretty serious, and the Ushahidi community at large should be notified. From my experience the average user will never think, "Is this filtering system exclusive or inclusive?",  will never double check the CSV they download,  and will assume if they unchecked something, that it won't be in there.

I made a fix and you can find it here.

Ushahidi Developers: Please keep in mind that "approved" and "unapproved" are a big deal for those of us working on deployments, and that you should always default to protecting "unapproved" reports.

Thanks,