Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-04-24 10:50:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix some suggestions / ignore others

Browse Source 
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
This commit is contained in:
Adam Warner
2022-04-22 17:17:59 +01:00
parent 17e59dde03
commit 242654e149
5 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/pi-hole/php/message.php
View File

@@ -47,7 +47,7 @@ if ($_POST['action'] == 'delete_message' && isset($_POST['id'])) {
$ids = json_decode($_POST['id']);
if(!is_array($ids))
throw new Exception('Invalid payload: id is not an array');
// Explot prevention: Ensure all entries in the ID array are integers
// Exploit prevention: Ensure all entries in the ID array are integers
foreach($ids as $value) {
if (!is_numeric($value))
throw new Exception('Invalid payload: id contains non-numeric entries');