badmanners/shimmie2
badmanners/shimmie2
Archived
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Sanitize ratings

Browse source
This commit is contained in:
im-mi 2016-09-25 15:17:29 -04:00
parent d4fda00dd9
commit e6dd1b492c
1 changed files with 20 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
ext/rating/main.php
View file

@ -110,7 +110,10 @@ class Ratings extends Extension {
public function onImageInfoSet(ImageInfoSetEvent $event) { public function onImageInfoSet(ImageInfoSetEvent $event) {
if($this->can_rate() && isset($_POST["rating"])) { if($this->can_rate() && isset($_POST["rating"])) {
send_event(new RatingSetEvent($event->image, $_POST['rating'])); $rating = $_POST["rating"];
if (Ratings::rating_is_valid($rating)) {
send_event(new RatingSetEvent($event->image, $rating));
}
} }
} }
@ -211,6 +214,22 @@ class Ratings extends Extension {
} }
} }
/**
* @param string $rating
* @return bool
*/
public static function rating_is_valid(/*string*/ $rating) {
switch($rating) {
case "s":
case "q":
case "e":
case "u":
return true;
default:
return false;
}
}
/** /**
* FIXME: this is a bit ugly and guessey, should have proper options * FIXME: this is a bit ugly and guessey, should have proper options
* *