forked from saurabh/personal-experience
Fix vulnerable.
This commit is contained in:
parent
6440b2c314
commit
c0931e7f5f
|
@ -15,7 +15,7 @@ class Admin::ExperiencesController < OrbitMemberController
|
|||
end
|
||||
|
||||
def new
|
||||
@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
|
||||
@member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
|
||||
@experience = Experience.new
|
||||
if params[:desktop]
|
||||
render :layout => false
|
||||
|
@ -163,7 +163,7 @@ class Admin::ExperiencesController < OrbitMemberController
|
|||
end
|
||||
|
||||
def frontend_setting
|
||||
@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
|
||||
@member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
|
||||
@intro = ExperienceIntro.find_by(:member_profile_id=>@member.id) rescue nil
|
||||
@intro = @intro.nil? ? ExperienceIntro.new({:member_profile_id=>@member.id}) : @intro
|
||||
end
|
||||
|
|
|
@ -28,7 +28,7 @@ class PersonalExperiencesController < ApplicationController
|
|||
|
||||
def show
|
||||
params = OrbitHelper.params
|
||||
plugin = Experience.where(:is_hidden=>false).find_by(uid: params[:uid])
|
||||
plugin = Experience.where(:is_hidden=>false).find_by(uid: params[:uid].to_s)
|
||||
|
||||
fields_to_show = [
|
||||
"experience_type",
|
||||
|
|
Loading…
Reference in New Issue