From 3598490f2a226d7ead056d2cca2b3c9515880b7d Mon Sep 17 00:00:00 2001
From: RemRem <remrem@github.com>
Date: Wed, 15 Nov 2023 14:59:22 +0100
Subject: [PATCH] add json validation on /user/{email,username}

---
 app/routes.php | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/app/routes.php b/app/routes.php
index c5831bc..fc2515c 100644
--- a/app/routes.php
+++ b/app/routes.php
@@ -119,8 +119,7 @@ return function (App $app) {
             return $res->withStatus(401);
         }
 
-        $body = $req->getParsedBody();
-        if (!isset($body['email'])) {
+        if (!Helpers::validJson((string) $req->getBody(), array("email"))) {
             return $res->withStatus(400);
         }
         $new_email = $req->getParsedBody()['email'];
@@ -137,13 +136,12 @@ return function (App $app) {
         if (!(new Token)->verifyToken($token)) {
             return $res->withStatus(401);
         }
-        $body = $req->getParsedBody();
-        if (!isset($body['username'])) {
+
+        if (!Helpers::validJson((string) $req->getBody(), array("username"))) {
             return $res->withStatus(400);
         }
         $new_username = $req->getParsedBody()['username'];
 
-
         $uuid = (new Token)->getUuidFromToken($token);
         $code = (new UserGateway)->updateUsername($uuid, $new_username);
         if ($code === -1) return $res->withStatus(500);