Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-04-24 02:39:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add ability to batch-delete messages

Browse Source 
Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER
2022-02-27 15:14:26 +01:00
parent 6288112044
commit d59afde574
2 changed files with 43 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
scripts/pi-hole/php/message.php
View File

@@ -42,19 +42,21 @@ function JSON_error($message = null)
echo json_encode($response);
}
// Delete message identified by IDs
if ($_POST['action'] == 'delete_message' && isset($_POST['id'])) {
// Delete message identified by ID
try {
$stmt = $db->prepare('DELETE FROM message WHERE id=:id');
$ids = json_decode($_POST['id']);
// Explot prevention: Ensure all entries in the ID array are integers
foreach($ids as $value) {
if (!is_numeric($value)) {
throw new Exception('Invalid payload: id');
}
}
$stmt = $db->prepare('DELETE FROM message WHERE id IN ('.implode(",",$ids).')');
if (!$stmt) {
throw new Exception('While preparing message statement: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':id', intval($_POST['id']), SQLITE3_INTEGER)) {
throw new Exception('While binding id to message statement: ' . $db->lastErrorMsg());
}
if (!$stmt->execute()) {
throw new Exception('While executing message statement: ' . $db->lastErrorMsg());
}