jan/miniflux-legacy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Ensure that item_id are always integer

Browse Source
This commit is contained in:
Frederic Guillot 2016-12-26 17:19:38 -05:00
parent 834633e670
commit 533bba270b
2 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/bookmark.php
View File

@ -17,7 +17,7 @@ use PicoFeed\Syndication\AtomItemBuilder;
// Ajax call to add or remove a bookmark // Ajax call to add or remove a bookmark
Router\post_action('bookmark', function () { Router\post_action('bookmark', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
$value = Request\int_param('value'); $value = Request\int_param('value');
if ($value == 1) { if ($value == 1) {
@ -34,7 +34,7 @@ Router\post_action('bookmark', function () {
// Add new bookmark // Add new bookmark
Router\get_action('bookmark', function () { Router\get_action('bookmark', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
$menu = Request\param('menu'); $menu = Request\param('menu');
$redirect = Request\param('redirect', 'unread'); $redirect = Request\param('redirect', 'unread');
$offset = Request\int_param('offset', 0); $offset = Request\int_param('offset', 0);

16
app/controllers/item.php
View File

@ -34,7 +34,7 @@ Router\get_action('unread', function () {
// Show item // Show item
Router\get_action('show', function () { Router\get_action('show', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
$menu = Request\param('menu'); $menu = Request\param('menu');
$item = Model\Item\get_item($user_id, $item_id); $item = Model\Item\get_item($user_id, $item_id);
$feed = Model\Feed\get_feed($user_id, $item['feed_id']); $feed = Model\Feed\get_feed($user_id, $item['feed_id']);
@ -108,7 +108,7 @@ Router\get_action('feed-items', function () {
// Ajax call to download an item (fetch the full content from the original website) // Ajax call to download an item (fetch the full content from the original website)
Router\post_action('download-item', function () { Router\post_action('download-item', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
$item = Model\Item\get_item($user_id, $item_id); $item = Model\Item\get_item($user_id, $item_id);
$feed = Model\Feed\get_feed($user_id, $item['feed_id']); $feed = Model\Feed\get_feed($user_id, $item['feed_id']);
@ -127,7 +127,7 @@ Router\post_action('download-item', function () {
// Ajax call to mark item read // Ajax call to mark item read
Router\post_action('mark-item-read', function () { Router\post_action('mark-item-read', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
Model\Item\change_item_status($user_id, $item_id, Model\Item\STATUS_READ); Model\Item\change_item_status($user_id, $item_id, Model\Item\STATUS_READ);
Response\json(array('Ok')); Response\json(array('Ok'));
}); });
@ -135,7 +135,7 @@ Router\post_action('mark-item-read', function () {
// Ajax call to mark item as removed // Ajax call to mark item as removed
Router\post_action('mark-item-removed', function () { Router\post_action('mark-item-removed', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
Model\Item\change_item_status($user_id, $item_id, Model\Item\STATUS_REMOVED); Model\Item\change_item_status($user_id, $item_id, Model\Item\STATUS_REMOVED);
Response\json(array('Ok')); Response\json(array('Ok'));
}); });
@ -143,7 +143,7 @@ Router\post_action('mark-item-removed', function () {
// Ajax call to mark item unread // Ajax call to mark item unread
Router\post_action('mark-item-unread', function () { Router\post_action('mark-item-unread', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
Model\Item\change_item_status($user_id, $item_id, Model\Item\STATUS_UNREAD); Model\Item\change_item_status($user_id, $item_id, Model\Item\STATUS_UNREAD);
Response\json(array('Ok')); Response\json(array('Ok'));
}); });
@ -189,7 +189,7 @@ Router\post_action('mark-feed-as-read', function () {
// Mark item as read and redirect to the listing page // Mark item as read and redirect to the listing page
Router\get_action('mark-item-read', function () { Router\get_action('mark-item-read', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
$redirect = Request\param('redirect', 'unread'); $redirect = Request\param('redirect', 'unread');
$offset = Request\int_param('offset', 0); $offset = Request\int_param('offset', 0);
$feed_id = Request\int_param('feed_id', 0); $feed_id = Request\int_param('feed_id', 0);
@ -201,7 +201,7 @@ Router\get_action('mark-item-read', function () {
// Mark item as unread and redirect to the listing page // Mark item as unread and redirect to the listing page
Router\get_action('mark-item-unread', function () { Router\get_action('mark-item-unread', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
$redirect = Request\param('redirect', 'history'); $redirect = Request\param('redirect', 'history');
$offset = Request\int_param('offset', 0); $offset = Request\int_param('offset', 0);
$feed_id = Request\int_param('feed_id', 0); $feed_id = Request\int_param('feed_id', 0);
@ -213,7 +213,7 @@ Router\get_action('mark-item-unread', function () {
// Mark item as removed and redirect to the listing page // Mark item as removed and redirect to the listing page
Router\get_action('mark-item-removed', function () { Router\get_action('mark-item-removed', function () {
$user_id = SessionStorage::getInstance()->getUserId(); $user_id = SessionStorage::getInstance()->getUserId();
$item_id = Request\param('id'); $item_id = Request\int_param('id');
$redirect = Request\param('redirect', 'history'); $redirect = Request\param('redirect', 'history');
$offset = Request\int_param('offset', 0); $offset = Request\int_param('offset', 0);
$feed_id = Request\int_param('feed_id', 0); $feed_id = Request\int_param('feed_id', 0);