Fix vulnerable.

2022-10-24 16:30:14 +08:00 · 2022-10-24 16:30:14 +08:00 · bb227271fe
parent 1ab0e53a1c
commit bb227271fe
1 changed files with 1 additions and 1 deletions
--- a/app/controllers/faqs_controller.rb
+++ b/app/controllers/faqs_controller.rb
@ -35,7 +35,7 @@ class FaqsController < ApplicationController

  def show
    params = OrbitHelper.params
-    faq = Qa.can_display.find_by_param(params[:uid])
+    faq = Qa.can_display.find_by_param(params[:uid].to_s)

    url_to_edit = OrbitHelper.user_can_edit?(faq) ? "/admin/faqs/#{faq.id.to_s}/edit" : ""