fix: wish title and description encoding

grandeljay 2023-07-20 14:58:11 +02:00
parent b8ca7786ce
commit 815f1cbd37
3 changed files with 12 additions and 9 deletions


@ -91,11 +91,11 @@ switch ($_SERVER['REQUEST_METHOD']) {
break;
}
$wish_title = Sanitiser::getTitle($_POST['wish_title']);
$wish_description = Sanitiser::getText($_POST['wish_description']);
$wish_image = Sanitiser::getURL($_POST['wish_image']);
$wish_url = Sanitiser::getURL($_POST['wish_url']);
$wish_priority = !empty($_POST['wish_priority']) ? Sanitiser::getNumber($_POST['wish_priority']) : null;
$wish_title = addslashes(filter_input(INPUT_POST, 'wish_title', FILTER_SANITIZE_SPECIAL_CHARS));
$wish_description = addslashes(filter_input(INPUT_POST, 'wish_description', FILTER_SANITIZE_SPECIAL_CHARS));
$wish_image = addslashes(filter_input(INPUT_POST, 'wish_image', FILTER_SANITIZE_URL));
$wish_url = addslashes(filter_input(INPUT_POST, 'wish_url', FILTER_SANITIZE_URL));
$wish_priority = addslashes(filter_input(INPUT_POST, 'wish_priority', FILTER_SANITIZE_NUMBER_INT));
$wish_is_purchasable = isset($_POST['wish_is_purchasable']);
if (Wish::NO_IMAGE === $wish_image) {
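Review bot: `addslashes()` on the five new assignments is not a reliable SQL escaping step, and it is now the only thing standing between `$_POST` and whatever consumes these variables; the query itself is outside this hunk, but if the values are concatenated into SQL they should be passed as bound parameters of a prepared statement instead. `filter_input()` returns `null` when a field is missing and `false` when a filter fails, so `addslashes()` receives a non-string in those cases (deprecated for `null` since PHP 8.1), and `wish_priority` becomes `''` where the previous code passed `null`. Something like `$wish_priority = filter_input(INPUT_POST, 'wish_priority', FILTER_VALIDATE_INT) ?: null;` keeps the old null-when-empty behaviour. FILTER_SANITIZE_SPECIAL_CHARS also means the title and description are stored HTML-encoded, which ties the stored value to one output context. The enclosing `case` block starts and ends outside the hunk.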


@ -233,10 +233,13 @@ $(function () {
.tab();
/** General */
var decoded_title = $('<div>').html(wish_local.title).text();
var decoded_description = $('<div>').html(wish_local.description).text();
$('[name="wish_id"]').val(wish_local.id);
$('[name="wishlist_id"]').val(wish_local.wishlist);
$('[name="wish_title"]').val(wish_local.title);
$('[name="wish_description"]').val(wish_local.description);
$('[name="wish_title"]').val(decoded_title);
$('[name="wish_description"]').val(decoded_description);
$('[name="wish_image"]').val(wish_local.image);
$('[name="wish_url"]').val(wish_local.url);
$('.ui.selection.dropdown.priority').dropdown('set selected', wish_local.priority);
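Review bot: `$('<div>').html(wish_local.title).text()` and the matching line for the description parse the stored value as HTML, so any markup that reaches `wish_local` unencoded (for example rows saved before this commit, or written through another path) is turned into real elements, and resource loads or inline handlers on them can fire even though the div is never attached to the page. Decoding through a parser that does not execute anything avoids that, e.g. `var decoded_title = new DOMParser().parseFromString(wish_local.title, 'text/html').documentElement.textContent;` and the same for `decoded_description`. The subsequent `.val(...)` assignments are fine as they are. The longer-term fix is probably to store raw text and encode on output, which would make this decoding step unnecessary; the surrounding handler continues outside the hunk.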


@ -113,8 +113,8 @@ class Wish
}
}
$this->title = Sanitiser::render($this->title ?? '');
$this->description = Sanitiser::render($this->description ?? '');
$this->title = stripslashes($this->title ?? '');
$this->description = stripslashes($this->description ?? '');
}
}
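Review bot: Replacing `Sanitiser::render()` with `stripslashes()` for `title` and `description` leaves these two properties with no escaping at read time, so safe output now depends on every writer having applied FILTER_SANITIZE_SPECIAL_CHARS before storing. `Sanitiser::render` is not visible here, but if it performed the HTML encoding, rows stored before this commit or written by another code path would reach the templates as-is. `stripslashes()` also removes backslashes that a user legitimately typed. I would either keep an output-encoding step at this point or add a comment above the two lines such as `// title/description are stored HTML-encoded by the form handler; values from any other source must be escaped before output`. The enclosing method starts outside the hunk.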