add json validation on /user/{email,username}

1 year ago · 3598490f2a
parent a3afe63aa0
commit 3598490f2a
1 changed files with 3 additions and 5 deletions
--- a/app/routes.php
+++ b/app/routes.php
@ -119,8 +119,7 @@ return function (App $app) {
            return $res->withStatus(401);
        }
-        $body = $req->getParsedBody();
+        if (!Helpers::validJson((string) $req->getBody(), array("email"))) {
        if (!isset($body['email'])) {
            return $res->withStatus(400);
        }
        $new_email = $req->getParsedBody()['email'];
@ -137,13 +136,12 @@ return function (App $app) {
        if (!(new Token)->verifyToken($token)) {
            return $res->withStatus(401);
        }
-        $body = $req->getParsedBody();
+
-        if (!isset($body['username'])) {
+        if (!Helpers::validJson((string) $req->getBody(), array("username"))) {
            return $res->withStatus(400);
        }
        $new_username = $req->getParsedBody()['username'];
        $uuid = (new Token)->getUuidFromToken($token);
        $code = (new UserGateway)->updateUsername($uuid, $new_username);
        if ($code === -1) return $res->withStatus(500);