Alamantus
/
Lexiconga
mirror of https://github.com/Alamantus/Lexiconga.git
1
0
Fork 0
Code Issues Releases Activity

Strip tags before parsing json in api request

This commit is contained in:
Robbie Antenesse 2019-05-21 16:18:44 -06:00
parent 3666acc426
commit 33ac88dd6c
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/php/api/index.php
View File

@ -3,8 +3,17 @@ require_once('./Response.php');
require_once('./User.php'); require_once('./User.php');
$inputJSON = file_get_contents('php://input'); $inputJSON = file_get_contents('php://input');
$inputJSON = strip_tags($inputJSON);
$request= json_decode($inputJSON, true); $request= json_decode($inputJSON, true);
if (!$request) {
// If malformed/unparseable JSON, fail.
return Response::json(array(
'data' => 'Malformed request data',
'error' => true,
), 400);
}
$action = isset($request['action']) ? $request['action'] : ''; $action = isset($request['action']) ? $request['action'] : '';
$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : false; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : false;