diff options
author | Florian Pritz <bluewind@xinu.at> | 2017-05-12 21:50:05 +0200 |
---|---|---|
committer | Florian Pritz <bluewind@xinu.at> | 2017-05-12 21:50:05 +0200 |
commit | d2707dd055538298bd3ccced73ddcfb08d353986 (patch) | |
tree | c8c292f9321b13d1a2d8e490bbb8db5a0ddd6d36 /application/controllers | |
parent | a252d6c6fbd2b9989ab630d74ef476fb9e54bcc6 (diff) |
Catch incorrect POST parameters (array vs string)
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application/controllers')
-rw-r--r-- | application/controllers/api/v2/file.php | 4 | ||||
-rw-r--r-- | application/controllers/file/file_default.php | 10 | ||||
-rw-r--r-- | application/controllers/file/multipaste.php | 6 |
3 files changed, 10 insertions, 10 deletions
diff --git a/application/controllers/api/v2/file.php b/application/controllers/api/v2/file.php index 6eb0ae43b..6f95d5525 100644 --- a/application/controllers/api/v2/file.php +++ b/application/controllers/api/v2/file.php @@ -71,14 +71,14 @@ class file extends \controllers\api\api_controller { public function delete() { $this->muser->require_access("apikey"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); return \service\files::delete($ids); } public function create_multipaste() { $this->muser->require_access("basic"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); $userid = $this->muser->get_userid(); $limits = $this->muser->get_upload_id_limits(); diff --git a/application/controllers/file/file_default.php b/application/controllers/file/file_default.php index 2a26c380c..f4f106990 100644 --- a/application/controllers/file/file_default.php +++ b/application/controllers/file/file_default.php @@ -565,7 +565,7 @@ class File_default extends MY_Controller { private function _append_multipaste_queue() { - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); if ($ids === false) { $ids = []; } @@ -658,7 +658,7 @@ class File_default extends MY_Controller { { $this->muser->require_access("apikey"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); $ret = \service\files::delete($ids); @@ -675,7 +675,7 @@ class File_default extends MY_Controller { { $this->muser->require_access("basic"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); $userid = $this->muser->get_userid(); $limits = $this->muser->get_upload_id_limits(); @@ -690,8 +690,8 @@ class File_default extends MY_Controller { public function do_websubmit() { $files = getNormalizedFILES(); - $contents = $this->input->post("content"); - $filenames = $this->input->post("filename"); + $contents = $this->input->post_array("content"); + $filenames = $this->input->post_array("filename"); if (!is_array($filenames) || !is_array($contents)) { throw new \exceptions\UserInputException('file/websubmit/invalid-form', 'The submitted POST form is invalid'); diff --git a/application/controllers/file/multipaste.php b/application/controllers/file/multipaste.php index 759a781f0..50367697c 100644 --- a/application/controllers/file/multipaste.php +++ b/application/controllers/file/multipaste.php @@ -19,7 +19,7 @@ class Multipaste extends MY_Controller { public function append_multipaste_queue() { $this->muser->require_access("basic"); - $ids = $this->input->post("ids"); + $ids = $this->input->post_array("ids"); if ($ids === false) { $ids = []; } @@ -55,7 +55,7 @@ class Multipaste extends MY_Controller { public function form_submit() { $this->muser->require_access("basic"); - $ids = $this->input->post('ids'); + $ids = $this->input->post_array('ids'); $process = $this->input->post('process'); if ($ids === false) { @@ -87,7 +87,7 @@ class Multipaste extends MY_Controller { public function ajax_submit() { $this->muser->require_access("basic"); - $ids = $this->input->post('ids'); + $ids = $this->input->post_array('ids'); if ($ids === false) { $ids = []; |