Fix vulnerable.

This commit is contained in:
BoHung Chiu 2022-10-24 16:10:01 +08:00
parent f1b91eea20
commit eb8ed7476d
2 changed files with 3 additions and 3 deletions

View File

@ -14,7 +14,7 @@ class Admin::LabsController < OrbitMemberController
end
def new
@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
@member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
@lab = Lab.new
if params[:desktop]
render :layout => false
@ -160,7 +160,7 @@ class Admin::LabsController < OrbitMemberController
end
def frontend_setting
@member = MemberProfile.find_by(:uid=>params['uid']) rescue nil
@member = MemberProfile.find_by(:uid=>params['uid'].to_s) rescue nil
@intro = LabIntro.find_by(:member_profile_id=>@member.id) rescue nil
@intro = @intro.nil? ? LabIntro.new({:member_profile_id=>@member.id}) : @intro
end

View File

@ -28,7 +28,7 @@ class PersonalLabsController < ApplicationController
def show
params = OrbitHelper.params
plugin = Lab.where(:is_hidden=>false).find_by(uid: params[:uid])
plugin = Lab.where(:is_hidden=>false).find_by(uid: params[:uid].to_s)
fields_to_show = [
"lab_title",
"location",