Improved validation
bugfixes
JulianPrieber committed Feb 7, 2024
1 parent 9f06ef6 commit 1c43aa8
Showing 2 changed files with 15 additions and 11 deletions.
22 changes: 11 additions & 11 deletions app/Http/Controllers/UserController.php
@@ -200,7 +200,7 @@ public function AddUpdateLink($id = 0)
public function saveLink(request $request)
{
$request->validate([
'link' => 'sometimes|url',
'link' => 'sometimes|exturl',
]);

$linkType = LinkType::find($request->linktype_id);
@@ -476,7 +476,7 @@ public function saveLink(request $request)
}

if(empty($links->button_id)) {
return redirect(route('showButtons')); die;
throw new \Exception('Invalid link');
}

$links->save();
@@ -715,7 +715,7 @@ public function showCSS(request $request)
public function editLink(request $request)
{
$request->validate([
'link' => 'required|url',
'link' => 'required|exturl',
'title' => 'required',
'button' => 'required',
]);
@@ -1055,7 +1055,7 @@ public function deleteUser(request $request)
public function delProfilePicture()
{
$userId = Auth::user()->id;

// Delete the user's current avatar if it exists
while (findAvatar($userId) !== "error.error") {
$avatarName = findAvatar($userId);
@@ -1154,10 +1154,11 @@ public function importData(Request $request)
$user->littlelink_description = $sanitizedText;
}

$allowedExtensions = array('jpeg', 'jpg', 'png', 'webp');
$userExtension = strtolower($userData['image_extension']);

if (isset($userData['image_data'])) {

$allowedExtensions = array('jpeg', 'jpg', 'png', 'webp');
$userExtension = strtolower($userData['image_extension']);

if (in_array($userExtension, $allowedExtensions)) {
// Decode the image data from Base64
$imageData = base64_decode($userData['image_data']);
@@ -1186,11 +1187,11 @@ public function importData(Request $request)
foreach ($userData['links'] as $linkData) {

$validatedData = Validator::make($linkData, [
'link' => 'nullable|url',
'link' => 'nullable|exturl',
]);

if ($validatedData->fails()) {
throw new \Exception('Invalid link');
print_r($linkData); die;
}

$newLink = new Link();
@@ -1222,7 +1223,6 @@ public function importData(Request $request)
// Save the new link to the database
$newLink->save();
}

return redirect('studio/profile')->with('success', __('messages.Profile updated successfully!'));
} catch (\Exception $e) {
return redirect('studio/profile')->with('error', __('messages.An error occurred while updating your profile.'));
@@ -1252,7 +1252,7 @@ public function editIcons(Request $request)
$validationRules = [];

foreach ($inputKeys as $platform) {
$validationRules[$platform] = 'nullable|url|max:255';
$validationRules[$platform] = 'nullable|exturl|max:255';
}

$request->validate($validationRules);
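Review bot: A failed link validation in importData must not end in `print_r($linkData); die;`, because that line writes the raw imported entry into the response unescaped and stops the request before the `catch (\Exception $e)` later in the method can redirect with the error flash. The rendered page has lost its +/- markers, so it is not certain which of the two lines in that branch is the new side; whichever it is, the branch should read `throw new \Exception('Invalid link');`. In the second saveLink hunk the same exception is thrown for an empty `button_id` with no try/catch visible, so that path presumably surfaces as a 500 with a misleading message; something like `return back()->withErrors(['button' => 'Invalid button']);` would match the `$request->validate()` handling at the top of the method. Both method bodies continue outside the hunks shown.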
4 changes: 4 additions & 0 deletions app/Providers/AppServiceProvider.php
@@ -37,5 +37,9 @@ public function boot()

return $query->count() === 0;
});
Validator::extend('exturl', function ($attribute, $value, $parameters, $validator) {
$allowed_schemes = ['http', 'https', 'mailto', 'tel'];
return in_array(parse_url($value, PHP_URL_SCHEME), $allowed_schemes, true);
});
}
}
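Review bot: The new `exturl` rule in boot() checks only the scheme, so at every call site where it replaces `url` the well-formedness check is dropped: any string that parses with an `http`, `https`, `mailto` or `tel` scheme passes, with or without a host. The comparison is also case-sensitive and assumes a string, so `HTTPS://…` is rejected and an array submitted for the field reaches `parse_url()` and raises a TypeError on PHP 8; `return is_string($value) && in_array(strtolower((string) parse_url($value, PHP_URL_SCHEME)), $allowed_schemes, true);` covers both. A short comment above the rule, e.g. `// Allow-list of link schemes; blocks script-capable schemes that the built-in url rule may let through`, would record why the built-in rule was replaced. No message is passed to `Validator::extend`, so unless a `validation.exturl` translation exists outside this page the user will see the raw key.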
