Get a post movie ID securely
parent
9546895a4d
commit
5a75165082
@ -54,6 +54,16 @@ class Movies {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check whether a movie specified by its ID exists or not
|
||||||
|
*
|
||||||
|
* @param int $movieID The ID of the movie to check
|
||||||
|
* @return bool TRUE if the movie exists / false else
|
||||||
|
*/
|
||||||
|
function exist(int $movieID) : bool {
|
||||||
|
return CS::get()->db->count($this::MOVIES_TABLE, "WHERE ID = ?", array($movieID)) > 0;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Parse a video informations
|
* Parse a video informations
|
||||||
*
|
*
|
||||||
|
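Review bot: `exist()` answers only whether a row with that ID is present in `MOVIES_TABLE`; nothing in the added query ties the movie to the requesting user. The `getPostMovieId()` helper added in this same commit uses it as its final check, so an ID that passes is not necessarily one the caller may use, if movies are per-user (not visible on this page). I would state that in the docblock, e.g. `* Note: checks existence only, not whether the current user may access the movie`, so callers know the authorization check is still theirs to make. As a style point, the method could declare `public` and read the constant as `self::MOVIES_TABLE` rather than `$this::MOVIES_TABLE`. The class body continues outside the hunk.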
@ -212,6 +212,30 @@ function getPostPostID(string $name = "postID") : int {
|
|||||||
return $postID;
|
return $postID;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the ID of a movie in a rest request
|
||||||
|
*
|
||||||
|
* @param string $name Optionnal, the name of the post ID field
|
||||||
|
* @return int $movieID The ID of the movie
|
||||||
|
*/
|
||||||
|
function getPostMovieId(string $name = "movieID") : int {
|
||||||
|
|
||||||
|
//Get movieID
|
||||||
|
if(!isset($_POST[$name]))
|
||||||
|
Rest_fatal_error(400, "Excepted movie ID in '".$name."' !");
|
||||||
|
$movieID = toInt($_POST[$name]);
|
||||||
|
|
||||||
|
//Check movie ID validity
|
||||||
|
if($movieID < 1)
|
||||||
|
Rest_fatal_error(400, "Invalid movie ID in '".$name."' !");
|
||||||
|
|
||||||
|
//Check if the movie exists
|
||||||
|
if(!CS::get()->components->movies->exist($movieID))
|
||||||
|
Rest_fatal_error(404, "Specified movie does not exists!");
|
||||||
|
|
||||||
|
return $movieID;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check the validity of an file posted in a request
|
* Check the validity of an file posted in a request
|
||||||
*
|
*
|
||||||
@ -235,3 +259,24 @@ function check_post_file(string $name) : bool {
|
|||||||
return true;
|
return true;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check the validity of a Youtube video ID
|
||||||
|
*
|
||||||
|
* @param string $id The ID of the YouTube video
|
||||||
|
* @return bool True if the ID is valid / false else
|
||||||
|
*/
|
||||||
|
function check_youtube_id(string $id) : bool {
|
||||||
|
|
||||||
|
//Check length
|
||||||
|
if(strlen($id) < 5)
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
//Check for illegal characters
|
||||||
|
if($id !== str_replace(array("/", "\\", "@", "&", "?", ".", "'", '"'), "", $id))
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
//The video is considered as valid
|
||||||
|
return TRUE;
|
||||||
|
|
||||||
|
}
|
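Review bot: `check_youtube_id()` in the last hunk filters with a denylist, so every character not on the list still passes: `<`, `>`, `#`, `%`, `=`, spaces and line breaks are all accepted, and there is no upper length bound. If the ID is later placed in a URL or in HTML that is not enough; an allowlist of the characters YouTube IDs use is safer, e.g. `return preg_match('/\A[A-Za-z0-9_-]{5,}\z/', $id) === 1;`, ideally with a maximum length as well. In the hunk before it, `getPostMovieId()` hands `$_POST[$name]` to `toInt()` without first checking that it is a scalar; `toInt()` is not shown here, so whether an array value such as `movieID[]=x` is rejected should be confirmed, or guarded with `is_scalar()` before the conversion.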