Merge pull request #1335 from Alkarex/guid-ascii-bug

guid and urls should not contain low/high characters
author: Alexandre Alapetite <alexandre@alapetite.fr> 2016-10-20 11:38:58 +0200
committer: GitHub <noreply@github.com> 2016-10-20 11:38:58 +0200
commit: 9ffd56ea68caaaff49efefacf501e07298eca7e2 (patch)
tree: 8c8448b652b0280265c98d42c81348d2c0dad409 /app/Models/FeedDAO.php
parent: 8a45743b9036078344ea362b183358f8ca8e4dd3 (diff)
parent: 7f2b0439ec4158ee7d78571d60e9bcc995e87cac (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/app/Models/FeedDAO.php b/app/Models/FeedDAO.php
index c680d270c..b21f19b66 100644
--- a/app/Models/FeedDAO.php
+++ b/app/Models/FeedDAO.php
@@ -5,6 +5,9 @@ class FreshRSS_FeedDAO extends Minz_ModelPdo implements FreshRSS_Searchable {
 		$sql = 'INSERT INTO `' . $this->prefix . 'feed` (url, category, name, website, description, `lastUpdate`, priority, `httpAuth`, error, keep_history, ttl) VALUES(?, ?, ?, ?, ?, ?, 10, ?, 0, -2, -2)';
 		$stm = $this->bd->prepare($sql);
 
+		$valuesTmp['url'] = safe_ascii($valuesTmp['url']);
+		$valuesTmp['website'] = safe_ascii($valuesTmp['website']);
+
 		$values = array(
 			substr($valuesTmp['url'], 0, 511),
 			$valuesTmp['category'],
@@ -55,6 +58,13 @@ class FreshRSS_FeedDAO extends Minz_ModelPdo implements FreshRSS_Searchable {
 	}
 
 	public function updateFeed($id, $valuesTmp) {
+		if (isset($valuesTmp['url'])) {
+			$valuesTmp['url'] = safe_ascii($valuesTmp['url']);
+		}
+		if (isset($valuesTmp['website'])) {
+			$valuesTmp['website'] = safe_ascii($valuesTmp['website']);
+		}
+
 		$set = '';
 		foreach ($valuesTmp as $key => $v) {
 			$set .= $key . '=?, ';
author	Alexandre Alapetite <alexandre@alapetite.fr>	2016-10-20 11:38:58 +0200
committer	GitHub <noreply@github.com>	2016-10-20 11:38:58 +0200
commit	9ffd56ea68caaaff49efefacf501e07298eca7e2 (patch)
tree	8c8448b652b0280265c98d42c81348d2c0dad409 /app/Models/FeedDAO.php
parent	8a45743b9036078344ea362b183358f8ca8e4dd3 (diff)
parent	7f2b0439ec4158ee7d78571d60e9bcc995e87cac (diff)