aiden
/
pixelfed
mirror of https://github.com/pixelfed/pixelfed
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update InternalApiController

Browse Source
pull/1074/head
Daniel Supernault 6 years ago
parent a760d66931
commit 1e75b1688d
No known key found for this signature in database
GPG Key ID: 0DEF1C662C9033F7
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File

5
app/Http/Controllers/InternalApiController.php
Unescape Escape View File

@ -392,7 +392,7 @@ class InternalApiController extends Controller
'media.*.filter_class' => 'nullable|alpha_dash|max:30',
'media.*.license' => 'nullable|string|max:80',
'cw' => 'nullable|boolean',
'visibility' => 'required|string|in:public,private|min:2|max:10'
'visibility' => 'required|string|in:public,private,unlisted|min:2|max:10'
]);
$profile = Auth::user()->profile;
@ -404,6 +404,9 @@ class InternalApiController extends Controller
$cw = $request->input('cw');
foreach($medias as $k => $media) {
if($k + 1 > config('pixelfed.max_album_length')) {
continue;
}
$m = Media::findOrFail($media['id']);
if($m->profile_id !== $profile->id || $m->status_id) {
abort(403, 'Invalid media id');

Write Preview
Loading…
Cancel
Save