chris/pixelfed
1
0
Fork 0
forked from mirror/pixelfed
Code Pull requests Activity

Validate filters

Browse source
This commit is contained in:
Daniel Supernault 2019-03-08 01:52:54 -07:00
parent 063277d3e2
commit 2245c31bb8
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7
2 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
app/Http/Controllers/InternalApiController.php
View file

@ -23,6 +23,7 @@ use App\Transformer\Api\{
AccountTransformer,
StatusTransformer,
};
use App\Util\Media\Filter;
use App\Jobs\StatusPipeline\NewStatusPipeline;
use League\Fractal\Serializer\ArraySerializer;
use League\Fractal\Pagination\IlluminatePaginatorAdapter;
@ -63,7 +64,7 @@ class InternalApiController extends Controller
if($m->profile_id !== $profile->id || $m->status_id) {
abort(403, 'Invalid media id');
}
$m->filter_class = $media['filter'];
$m->filter_class = in_array($media['filter'], Filter::classes()) ? $media['filter'] : null;
$m->license = $media['license'];
$m->caption = strip_tags($media['alt']);
$m->order = isset($media['cursor']) && is_int($media['cursor']) ? (int) $media['cursor'] : $k;

8
app/Http/Controllers/StatusController.php
View file

@ -16,6 +16,7 @@ use Auth;
use Cache;
use Illuminate\Http\Request;
use League\Fractal;
use App\Util\Media\Filter;
class StatusController extends Controller
{
@ -151,6 +152,8 @@ class StatusController extends Controller
if(in_array($v->getMimeType(), $allowedMimes) == false) {
continue;
}
$filter_class = $request->input('filter_class');
$filter_name = $request->input('filter_name');
$storagePath = "public/m/{$monthHash}/{$userHash}";
$path = $v->store($storagePath);
@ -163,8 +166,9 @@ class StatusController extends Controller
$media->original_sha256 = $hash;
$media->size = $v->getSize();
$media->mime = $v->getMimeType();
$media->filter_class = $request->input('filter_class');
$media->filter_name = $request->input('filter_name');
$media->filter_class = in_array($filter_class, Filter::classes()) ? $filter_class : null;
$media->filter_name = in_array($filter_name, Filter::names()) ? $filter_name : null;
$media->order = $order;
$media->save();
array_push($mimes, $media->mime);