Fix sql syntax error

grandeljay 2023-01-28 16:50:05 +01:00
parent 3414e6c51e
commit c31a07d855
2 changed files with 6 additions and 4 deletions


@ -177,11 +177,11 @@ switch ($_SERVER['REQUEST_METHOD']) {
$database
->query(
'UPDATE `wishlists`
SET `name` = :wishlist_name,
SET `name` = :wishlist_name
WHERE `id` = :wishlist_id',
array(
'wishlist_name' => Sanitiser::getTitle($_PUT['wishlist_title']),
'wishlist_id' => Sanitiser::getTitle($_PUT['wishlist_id']),
'wishlist_id' => Sanitiser::getNumber($_PUT['wishlist_id']),
)
);
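Review bot: The UPDATE's WHERE clause matches on `id` alone, so as far as this hunk shows, any request that supplies an existing `wishlist_id` can rename that wishlist regardless of who owns it. The enclosing `switch` starts outside the hunk, so an ownership check may already run earlier; if it does not, the statement should also be constrained to the logged-in user, for example by appending `AND <owner column> = :user_id` (placeholder column name) and binding the session user's id. Separately, `Sanitiser::getNumber` keeps `.` characters, so a value such as `1.5` still passes as an id; `filter_var($_PUT['wishlist_id'], FILTER_VALIDATE_INT)` with a rejection on `false` would be stricter for a primary key.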


@ -9,9 +9,11 @@ class Sanitiser
return $text;
}
public static function getNumber(mixed $valueToSanitise): float
public static function getNumber(mixed $valueToSanitise): float|int
{
return floatval(preg_replace('/[^0-9\.]+/', '', $valueToSanitise));
$number = preg_replace('/[^0-9\.]+/', '', $valueToSanitise);
return $number;
}
public static function getPage(mixed $valueToSanitise): string
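Review bot: `getNumber` now returns the result of `preg_replace`, which is a string (or `null` on a PCRE error), while the signature declares `float|int`. If the file declares `strict_types=1` (not visible here) every call would throw a `TypeError`; without it the string is coerced, but an input with no digits yields `''` and throws where the old `floatval` returned `0.0`, and a value like `1.2.3` is not a well-formed number. Converting explicitly keeps the declared type and the old fallback: `return is_numeric($number) ? $number + 0 : 0;`. A one-line docblock saying the result is an int for whole numbers and a float otherwise would also help callers that bind it as an id.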