search

khzg / littlelink-admin

Littlelink admin is an admin panel for littlelink that provides you a website similar linktree.
GNU Affero General Public License v3.0
91 stars 17 forks source link

Vaildation bug #8

Closed Ruriko closed 2 years ago

Ruriko commented 2 years ago

I'm trying to add validation in studio/page cause that's the only place where anyone could attempt to hack cause there's no validation. I attempted to add it myself but I can't get it to work. It just won't allow me to update the input for pageName and pageDescription but image input seems to work.


    //Save littlelink page (name, description, logo)
    public function editPage(request $request)
    {

        $request->validate([
                'image' => 'nullable|mimes:jpeg,jpg,png|max:100',
        ]);

        $userId = Auth::user()->id;
        $littlelink_name = Auth::user()->littlelink_name;

        $profilePhoto = $request->file('image');
        $pageName = $request->pageName;
        $pageDescription = $request->pageDescription;

        User::where('id', $userId)->update(['littlelink_name' => $pageName, 'littlelink_description' => $pageDescription]);

        if(!empty($profilePhoto)){
        $profilePhoto->move(public_path('/img'), $littlelink_name . ".png");
        }

        return back();
    }
khzg commented 2 years ago

laravel protects them, what error has?

Ruriko commented 2 years ago

There are no errors. Laravel doesn't protect file upload cause right now you can basically upload any file types. When I add image validation then all other input fields break as they don't update when you try to change something

Ruriko commented 2 years ago

nvm I found the problem