summaryrefslogtreecommitdiff
path: root/app/Module/UserJournalModule.php
diff options
context:
space:
mode:
Diffstat (limited to 'app/Module/UserJournalModule.php')
-rw-r--r--app/Module/UserJournalModule.php16
1 files changed, 7 insertions, 9 deletions
diff --git a/app/Module/UserJournalModule.php b/app/Module/UserJournalModule.php
index dba2011d57..c75095fa61 100644
--- a/app/Module/UserJournalModule.php
+++ b/app/Module/UserJournalModule.php
@@ -164,9 +164,9 @@ class UserJournalModule extends AbstractModule implements ModuleBlockInterface
throw new HttpAccessDeniedException();
}
- $news_id = $request->getQueryParams()['news_id'] ?? '';
+ $news_id = Validator::queryParams($request)->integer('news_id', 0);
- if ($news_id !== '') {
+ if ($news_id !== 0) {
$row = DB::table('news')
->where('news_id', '=', $news_id)
->where('user_id', '=', Auth::id())
@@ -204,16 +204,14 @@ class UserJournalModule extends AbstractModule implements ModuleBlockInterface
throw new HttpAccessDeniedException();
}
- $params = (array) $request->getParsedBody();
-
- $news_id = $request->getQueryParams()['news_id'] ?? '';
- $subject = $params['subject'];
- $body = $params['body'];
+ $news_id = Validator::queryParams($request)->integer('news_id', 0);
+ $subject = Validator::queryParams($request)->string('subject');
+ $body = Validator::queryParams($request)->string('body');
$subject = $this->html_service->sanitize($subject);
$body = $this->html_service->sanitize($body);
- if ($news_id !== '') {
+ if ($news_id !== 0) {
DB::table('news')
->where('news_id', '=', $news_id)
->where('user_id', '=', Auth::id())
@@ -243,7 +241,7 @@ class UserJournalModule extends AbstractModule implements ModuleBlockInterface
public function postDeleteJournalAction(ServerRequestInterface $request): ResponseInterface
{
$tree = Validator::attributes($request)->tree();
- $news_id = $request->getQueryParams()['news_id'];
+ $news_id = Validator::queryParams($request)->integer('news_id');
DB::table('news')
->where('news_id', '=', $news_id)