yolinlin/aowow
1
0
Fork 0
mirror of https://github.com/Sarjuuk/aowow.git synced 2025-11-29 15:58:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Misc

Browse Source 
* don't cache playlists
 * don't cache new custom profiles
 * forgot to sanitize and use param from js
This commit is contained in:
Sarjuuk
2018-03-29 13:52:08 +02:00
parent 51eda12099
commit fab71f9325
3 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
includes/ajaxHandler/profile.class.php
View File

@@ -14,6 +14,7 @@ class AjaxProfile extends AjaxHandler
'size' => [FILTER_SANITIZE_STRING, 0xC], // FILTER_FLAG_STRIP_LOW | *_HIGH
'guild' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkEmptySet']],
'arena-team' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkEmptySet']],
'user' => [FILTER_CALLBACK, ['options' => 'AjaxProfile::checkUser']]
);
protected $_post = array(
@@ -714,6 +715,13 @@ class AjaxProfile extends AjaxHandler
return null;
}
protected function checkUser($val)
{
if (User::isValidName($val))
return $val
return null;
}
}
?>