Fix vulnerable.

This commit is contained in:
BoHung Chiu 2022-10-24 16:11:22 +08:00
parent 8a8de1f5b6
commit 0654a6a6a7
2 changed files with 3 additions and 3 deletions

View File

@ -14,7 +14,7 @@ class Admin::HonorsController < OrbitMemberController
end
def new
@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
@member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
@honor = Honor.new
if params[:desktop]
@ -162,7 +162,7 @@ class Admin::HonorsController < OrbitMemberController
end
def frontend_setting
@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
@member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
@intro = HonorIntro.find_by(:member_profile_id=>@member.id) rescue nil
@intro = @intro.nil? ? HonorIntro.new({:member_profile_id=>@member.id}) : @intro
end

View File

@ -73,7 +73,7 @@ class PersonalHonorsController < ApplicationController
def show
params = OrbitHelper.params
plugin = Honor.where(:is_hidden=>false).find_by(uid: params[:uid])
plugin = Honor.where(:is_hidden=>false).find_by(uid: params[:uid].to_s)
fields_to_show = [
"year",
"honor_type",