diff options
Diffstat (limited to 'app/Module/UserJournalModule.php')
| -rw-r--r-- | app/Module/UserJournalModule.php | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/app/Module/UserJournalModule.php b/app/Module/UserJournalModule.php index dba2011d57..c75095fa61 100644 --- a/app/Module/UserJournalModule.php +++ b/app/Module/UserJournalModule.php @@ -164,9 +164,9 @@ class UserJournalModule extends AbstractModule implements ModuleBlockInterface throw new HttpAccessDeniedException(); } - $news_id = $request->getQueryParams()['news_id'] ?? ''; + $news_id = Validator::queryParams($request)->integer('news_id', 0); - if ($news_id !== '') { + if ($news_id !== 0) { $row = DB::table('news') ->where('news_id', '=', $news_id) ->where('user_id', '=', Auth::id()) @@ -204,16 +204,14 @@ class UserJournalModule extends AbstractModule implements ModuleBlockInterface throw new HttpAccessDeniedException(); } - $params = (array) $request->getParsedBody(); - - $news_id = $request->getQueryParams()['news_id'] ?? ''; - $subject = $params['subject']; - $body = $params['body']; + $news_id = Validator::queryParams($request)->integer('news_id', 0); + $subject = Validator::queryParams($request)->string('subject'); + $body = Validator::queryParams($request)->string('body'); $subject = $this->html_service->sanitize($subject); $body = $this->html_service->sanitize($body); - if ($news_id !== '') { + if ($news_id !== 0) { DB::table('news') ->where('news_id', '=', $news_id) ->where('user_id', '=', Auth::id()) @@ -243,7 +241,7 @@ class UserJournalModule extends AbstractModule implements ModuleBlockInterface public function postDeleteJournalAction(ServerRequestInterface $request): ResponseInterface { $tree = Validator::attributes($request)->tree(); - $news_id = $request->getQueryParams()['news_id']; + $news_id = Validator::queryParams($request)->integer('news_id'); DB::table('news') ->where('news_id', '=', $news_id) |
