tyler.durden
/
opensupports
mirror of https://github.com/opensupports/opensupports.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add controller request secure param (#1060)

This commit is contained in:
Guillermo Giuliana 2021-10-18 22:05:54 -03:00 committed by GitHub
parent b2e43430b1
commit c657d8291f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/controllers/article/add-topic.php
View File

@ -46,7 +46,7 @@ class AddTopicController extends Controller {
public function handler() {
$topic = new Topic();
$topic->setProperties([
'name' => Controller::request('name'),
'name' => Controller::request('name', true),
'icon' => Controller::request('icon'),
'iconColor' => Controller::request('iconColor'),
'private' => Controller::request('private') ? 1 : 0

2
server/controllers/article/add.php
View File

@ -64,7 +64,7 @@ class AddArticleController extends Controller {
$article = new Article();
$article->setProperties([
'title' => Controller::request('title'),
'title' => Controller::request('title', true),
'content' => $this->replaceWithImagePaths($imagePaths, $content),
'lastEdited' => Date::getCurrentDate(),
'position' => Controller::request('position') || 1

2
server/controllers/article/edit-topic.php
View File

@ -52,7 +52,7 @@ class EditTopicController extends Controller {
$topic = Topic::getDataStore(Controller::request('topicId'));
if(Controller::request('name')) {
$topic->name = Controller::request('name');
$topic->name = Controller::request('name', true);
}
if(Controller::request('iconColor')) {

4
server/controllers/system/add-custom-field.php
View File

@ -63,9 +63,9 @@ class AddCustomFieldController extends Controller {
}
public function handler() {
$name = Controller::request('name');
$name = Controller::request('name', true);
$type = Controller::request('type');
$description = Controller::request('description');
$description = Controller::request('description', true);
$options = Controller::request('options');
if(!Customfield::getDataStore($name, 'name')->isNull())

2
server/controllers/system/add-department.php
View File

@ -39,7 +39,7 @@ class AddDepartmentController extends Controller {
}
public function handler() {
$name = Controller::request('name');
$name = Controller::request('name', true);
$private = Controller::request('private');
$departmentInstance = new Department();

2
server/controllers/ticket/add-custom-response.php
View File

@ -54,7 +54,7 @@ class AddCustomResponseController extends Controller {
public function handler() {
$customResponse = new CustomResponse();
$customResponse->setProperties([
'name' => Controller::request('name'),
'name' => Controller::request('name', true),
'content' => Controller::request('content', true),
'language' => Controller::request('language')
]);

2
server/controllers/ticket/create-tag.php
View File

@ -46,7 +46,7 @@ class CreateTagController extends Controller {
}
public function handler() {
$name = Controller::request('name');
$name = Controller::request('name', true);
$color = Controller::request('color');
if (!Tag::getDataStore($name, 'name')->isNull()) {

2
server/controllers/ticket/create.php
View File

@ -99,7 +99,7 @@ class CreateController extends Controller {
$session->clearSessionData();
}
$this->title = Controller::request('title');
$this->title = Controller::request('title', true);
$this->content = Controller::request('content', true);
$this->departmentId = Controller::request('departmentId');
$this->language = Controller::request('language');

4
server/controllers/user/invite.php
View File

@ -102,8 +102,8 @@ class InviteUserController extends Controller {
}
public function storeRequestData() {
$this->userName = Controller::request('name');
$this->userEmail = Controller::request('email');
$this->userName = Controller::request('name', true);
$this->userEmail = Controller::request('email', true);
}
public function createNewUserAndRetrieveId() {

2
server/controllers/user/signup.php
View File

@ -115,7 +115,7 @@ class SignUpController extends Controller {
}
public function storeRequestData() {
$this->userName = Controller::request('name');
$this->userName = Controller::request('name', true);
$this->userEmail = Controller::request('email');
$this->userPassword = Controller::request('password');
$this->verificationToken = Hashing::generateRandomToken();