saurabh
/
personal-lab
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix vulnerable.

This commit is contained in:
BoHung Chiu 2022-10-24 16:10:01 +08:00
parent f1b91eea20
commit eb8ed7476d
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/admin/labs_controller.rb
View File

@ -14,7 +14,7 @@ class Admin::LabsController < OrbitMemberController
end
def new
@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
@member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
@lab = Lab.new
if params[:desktop]
render :layout => false
@ -160,7 +160,7 @@ class Admin::LabsController < OrbitMemberController
end
def frontend_setting
@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
@member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
@intro = LabIntro.find_by(:member_profile_id=>@member.id) rescue nil
@intro = @intro.nil? ? LabIntro.new({:member_profile_id=>@member.id}) : @intro
end

2
app/controllers/personal_labs_controller.rb
View File

@ -28,7 +28,7 @@ class PersonalLabsController < ApplicationController
def show
params = OrbitHelper.params
plugin = Lab.where(:is_hidden=>false).find_by(uid: params[:uid])
plugin = Lab.where(:is_hidden=>false).find_by(uid: params[:uid].to_s)
fields_to_show = [
"lab_title",
"location",