bitPickups/ad-aures_castoPod
1
0
Fork 0
mirror of https://github.com/ad-aures/castopod.git synced 2026-04-14 20:17:46 +02:00
Code Issues Projects Releases Packages Wiki Activity

fix(security): add csrf filter + prevent xss attacks by escaping user input

Browse source 
- update CI4 to v4.1.9's stable production package
- update php and js dependencies to latest
This commit is contained in:
Yassine Doghri 2022-03-04 14:33:48 +00:00
commit cd2e1e1dc3
182 changed files with 4410 additions and 4214 deletions
Download patch file Download diff file Expand all files Collapse all files

5
app/Models/EpisodeModel.php
View file

@ -115,8 +115,8 @@ class EpisodeModel extends Model
'number' => 'is_natural_no_zero|permit_empty',
'season_number' => 'is_natural_no_zero|permit_empty',
'type' => 'required',
'transcript_remote_url' => 'valid_url|permit_empty',
'chapters_remote_url' => 'valid_url|permit_empty',
'transcript_remote_url' => 'valid_url_strict|permit_empty',
'chapters_remote_url' => 'valid_url_strict|permit_empty',
'published_at' => 'valid_date|permit_empty',
'created_by' => 'required',
'updated_by' => 'required',
@ -215,6 +215,7 @@ class EpisodeModel extends Model
$where['YEAR(published_at)'] = $year;
$where['season_number'] = null;
}
if ($season) {
$where['season_number'] = $season;
}