summaryrefslogtreecommitdiff
path: root/src/web/_controller/_comments.php
diff options
context:
space:
mode:
Diffstat (limited to 'src/web/_controller/_comments.php')
-rw-r--r--src/web/_controller/_comments.php20
1 files changed, 6 insertions, 14 deletions
diff --git a/src/web/_controller/_comments.php b/src/web/_controller/_comments.php
index eea792f..3b8fe35 100644
--- a/src/web/_controller/_comments.php
+++ b/src/web/_controller/_comments.php
@@ -17,20 +17,12 @@ class _comments_controller extends Controller {
}
public function post(): void {
- $author = ''; $content = ''; $ref = '';
- if (
- !array_key_exists('author', $_GET) ||
- !array_key_exists('content', $_GET) ||
- !array_key_exists('ref', $_GET) ||
- !array_key_exists('page', $_GET)
- ) {
- $this->error(400); return;
- }
- $author = trim($_GET['author']);
- $content = trim($_GET['content']);
- $page = $_GET['page'];
- $ref = $_GET['ref'];
+ $author = trim($this->post_data('author'));
+ $content = trim($this->post_data('content'));
+ $page = $this->post_data('page');
+ $ref = $this->post_data('ref');
+
$url = NULL;
$author_len = strlen($author);
@@ -55,7 +47,7 @@ class _comments_controller extends Controller {
try {
$ref = base64_decode($ref);
$url = parse_url($ref);
- if (!$url && array_key_exists('host', $url)) {
+ if (!$url || array_key_exists('host', $url)) {
// dont allow redirects off this site
$this->error(400);
return;
generated by cgit v1.2.3-freya (git 2.51.0) at 2025-09-04 14:03:35 +0000