add controller request secure param (#1060)

Guillermo Giuliana 2021-10-18 22:05:54 -03:00 committed by GitHub
parent b2e43430b1
commit c657d8291f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 12 additions and 12 deletions


@ -46,7 +46,7 @@ class AddTopicController extends Controller {
public function handler() { public function handler() {
$topic = new Topic(); $topic = new Topic();
$topic->setProperties([ $topic->setProperties([
'name' => Controller::request('name'), 'name' => Controller::request('name', true),
'icon' => Controller::request('icon'), 'icon' => Controller::request('icon'),
'iconColor' => Controller::request('iconColor'), 'iconColor' => Controller::request('iconColor'),
'private' => Controller::request('private') ? 1 : 0 'private' => Controller::request('private') ? 1 : 0
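Review bot: `icon` and `iconColor` in this `setProperties` array are still read with plain `Controller::request(...)`, so only `name` gets the secure treatment. If those two values are later written into markup or a style attribute (not visible here), they need their own check, and a strict format or allowlist test suits them better than sanitizing; as a stop-gap, `'iconColor' => Controller::request('iconColor', true),` would at least match how `name` is handled. The same gap shows in the AddCustomFieldController hunk (`type`, `options`) and the CreateTagController hunk (`color`). The handler body continues past the end of this hunk.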


@ -64,7 +64,7 @@ class AddArticleController extends Controller {
$article = new Article(); $article = new Article();
$article->setProperties([ $article->setProperties([
'title' => Controller::request('title'), 'title' => Controller::request('title', true),
'content' => $this->replaceWithImagePaths($imagePaths, $content), 'content' => $this->replaceWithImagePaths($imagePaths, $content),
'lastEdited' => Date::getCurrentDate(), 'lastEdited' => Date::getCurrentDate(),
'position' => Controller::request('position') || 1 'position' => Controller::request('position') || 1
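Review bot: `'position' => Controller::request('position') || 1` on the last line of this hunk always stores a boolean, because PHP's `||` yields `true`/`false` rather than the first truthy operand, so the requested position is lost. If the intent is "use the request value, otherwise 1", write `'position' => Controller::request('position') ?: 1,` and cast to `(int)` if the column is numeric. Separately, `$content` is assigned outside this hunk, so whether it goes through the secure path cannot be confirmed from here.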


@ -52,7 +52,7 @@ class EditTopicController extends Controller {
$topic = Topic::getDataStore(Controller::request('topicId')); $topic = Topic::getDataStore(Controller::request('topicId'));
if(Controller::request('name')) { if(Controller::request('name')) {
$topic->name = Controller::request('name'); $topic->name = Controller::request('name', true);
} }
if(Controller::request('iconColor')) { if(Controller::request('iconColor')) {
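Review bot: The guard `if(Controller::request('name'))` tests the raw value while the assignment stores the secured one, so a name that is non-empty before sanitizing but empty after it would overwrite `$topic->name` with an empty string. That assumes the secure flag can strip content, which its implementation (not shown on this page) would confirm. Reading the value once keeps the check and the write in agreement: `$name = Controller::request('name', true);` followed by `if($name) { $topic->name = $name; }`. The `iconColor` branch that opens on the last line continues outside the hunk.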


@ -63,9 +63,9 @@ class AddCustomFieldController extends Controller {
} }
public function handler() { public function handler() {
$name = Controller::request('name'); $name = Controller::request('name', true);
$type = Controller::request('type'); $type = Controller::request('type');
$description = Controller::request('description'); $description = Controller::request('description', true);
$options = Controller::request('options'); $options = Controller::request('options');
if(!Customfield::getDataStore($name, 'name')->isNull()) if(!Customfield::getDataStore($name, 'name')->isNull())


@ -39,7 +39,7 @@ class AddDepartmentController extends Controller {
} }
public function handler() { public function handler() {
$name = Controller::request('name'); $name = Controller::request('name', true);
$private = Controller::request('private'); $private = Controller::request('private');
$departmentInstance = new Department(); $departmentInstance = new Department();


@ -54,7 +54,7 @@ class AddCustomResponseController extends Controller {
public function handler() { public function handler() {
$customResponse = new CustomResponse(); $customResponse = new CustomResponse();
$customResponse->setProperties([ $customResponse->setProperties([
'name' => Controller::request('name'), 'name' => Controller::request('name', true),
'content' => Controller::request('content', true), 'content' => Controller::request('content', true),
'language' => Controller::request('language') 'language' => Controller::request('language')
]); ]);


@ -46,7 +46,7 @@ class CreateTagController extends Controller {
} }
public function handler() { public function handler() {
$name = Controller::request('name'); $name = Controller::request('name', true);
$color = Controller::request('color'); $color = Controller::request('color');
if (!Tag::getDataStore($name, 'name')->isNull()) { if (!Tag::getDataStore($name, 'name')->isNull()) {


@ -99,7 +99,7 @@ class CreateController extends Controller {
$session->clearSessionData(); $session->clearSessionData();
} }
$this->title = Controller::request('title'); $this->title = Controller::request('title', true);
$this->content = Controller::request('content', true); $this->content = Controller::request('content', true);
$this->departmentId = Controller::request('departmentId'); $this->departmentId = Controller::request('departmentId');
$this->language = Controller::request('language'); $this->language = Controller::request('language');


@ -102,8 +102,8 @@ class InviteUserController extends Controller {
} }
public function storeRequestData() { public function storeRequestData() {
$this->userName = Controller::request('name'); $this->userName = Controller::request('name', true);
$this->userEmail = Controller::request('email'); $this->userEmail = Controller::request('email', true);
} }
public function createNewUserAndRetrieveId() { public function createNewUserAndRetrieveId() {
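Review bot: `email` is read with the secure flag in this `storeRequestData`, but `SignUpController::storeRequestData` in the last hunk still uses plain `Controller::request('email')`, so the two account-creation paths treat the address differently. An e-mail address is better constrained by format validation than by markup sanitizing, which may rewrite characters and leave a stored address that differs from the one that was validated or typed; whether validation runs before this method is not visible in either hunk. Pick one treatment for both controllers and record the reason next to it, for example `// email is format-validated before this point, so it is stored as received`.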


@ -115,7 +115,7 @@ class SignUpController extends Controller {
} }
public function storeRequestData() { public function storeRequestData() {
$this->userName = Controller::request('name'); $this->userName = Controller::request('name', true);
$this->userEmail = Controller::request('email'); $this->userEmail = Controller::request('email');
$this->userPassword = Controller::request('password'); $this->userPassword = Controller::request('password');
$this->verificationToken = Hashing::generateRandomToken(); $this->verificationToken = Hashing::generateRandomToken();