kenmirrors/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2025-08-18 03:25:50 +00:00
Code Issues Projects Releases Wiki Activity

More improvements on the REST API (references #139)

Browse Source
This commit is contained in:
Bernd Bestel
2019-01-21 22:13:42 +01:00
parent bfa59dd29c
commit 276bc94cc6
15 changed files with 102 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
controllers/FilesApiController.php
View File

@@ -18,13 +18,13 @@ class FilesApiController extends BaseApiController
{
try
{
if (isset($request->getQueryParams()['file_name']) && !empty($request->getQueryParams()['file_name']) && IsValidFileName($request->getQueryParams()['file_name']))
if (IsValidFileName(base64_decode($args['fileName'])))
{
$fileName = $request->getQueryParams()['file_name'];
$fileName = base64_decode($args['fileName']);
}
else
{
throw new \Exception('file_name query parameter missing or contains an invalid filename');
throw new \Exception('Invalid filename');
}
$data = $request->getBody()->getContents();
@@ -42,13 +42,13 @@ class FilesApiController extends BaseApiController
{
try
{
if (isset($request->getQueryParams()['file_name']) && !empty($request->getQueryParams()['file_name']) && IsValidFileName($request->getQueryParams()['file_name']))
if (IsValidFileName(base64_decode($args['fileName'])))
{
$fileName = $request->getQueryParams()['file_name'];
$fileName = base64_decode($args['fileName']);
}
else
{
throw new \Exception('file_name query parameter missing or contains an invalid filename');
throw new \Exception('Invalid filename');
}
$filePath = $this->FilesService->GetFilePath($args['group'], $fileName);
@@ -74,13 +74,13 @@ class FilesApiController extends BaseApiController
{
try
{
if (isset($request->getQueryParams()['file_name']) && !empty($request->getQueryParams()['file_name']) && IsValidFileName($request->getQueryParams()['file_name']))
if (IsValidFileName(base64_decode($args['fileName'])))
{
$fileName = $request->getQueryParams()['file_name'];
$fileName = base64_decode($args['fileName']);
}
else
{
throw new \Exception('file_name query parameter missing or contains an invalid filename');
throw new \Exception('Invalid filename');
}
$filePath = $this->FilesService->GetFilePath($args['group'], $fileName);