Fix input validation for Moderator controller

This commit is contained in:
swagg boi 2023-06-04 13:26:37 -04:00
parent ee5385290a
commit 92d241d6e7

View file

@ -44,8 +44,8 @@ sub login($self) {
$self->stash(status => 400) $self->stash(status => 400)
} }
else { else {
my $email = $self->param('email' ); my $email = $v->param('email' );
my $password = $self->param('password'); my $password = $v->param('password');
if ($self->moderator->check($email, $password)) { if ($self->moderator->check($email, $password)) {
my $mod_id = $self->moderator->get_id($email); my $mod_id = $self->moderator->get_id($email);
@ -158,9 +158,9 @@ sub create($self) {
$self->stash(status => 400) $self->stash(status => 400)
} }
else { else {
my $name = $self->param('name' ); my $name = $v->param('name' );
my $email = $self->param('email' ); my $email = $v->param('email' );
my $password = $self->param('password'); my $password = $v->param('password');
$self->moderator->create($name, $email, $password); $self->moderator->create($name, $email, $password);
$self->stash(info => "Created moderator account for $name 🧑‍🏭"); $self->stash(info => "Created moderator account for $name 🧑‍🏭");
@ -183,8 +183,8 @@ sub admin_reset($self) {
$self->stash(status => 400) $self->stash(status => 400)
} }
else { else {
my $email = $self->param('email' ); my $email = $v->param('email' );
my $password = $self->param('password'); my $password = $v->param('password');
$self->moderator->admin_reset($email, $password); $self->moderator->admin_reset($email, $password);
$self->stash(info => "Reset password for $email 🔐"); $self->stash(info => "Reset password for $email 🔐");
@ -206,7 +206,7 @@ sub mod_reset($self) {
$self->stash(status => 400) $self->stash(status => 400)
} }
else { else {
my $password = $self->param('password'); my $password = $v->param('password');
my $mod_id = $self->session->{'mod_id'}; my $mod_id = $self->session->{'mod_id'};
$self->moderator->mod_reset($mod_id, $password); $self->moderator->mod_reset($mod_id, $password);
@ -231,7 +231,7 @@ sub lock_acct($self) {
$self->stash(status => 400) $self->stash(status => 400)
} }
else { else {
my $email = $self->param('email'); my $email = $v->param('email');
$self->moderator->lock_acct($email); $self->moderator->lock_acct($email);
$self->stash(info => "Account $email has been locked 🔒"); $self->stash(info => "Account $email has been locked 🔒");
@ -253,7 +253,7 @@ sub unlock_acct($self) {
$self->stash(status => 400) $self->stash(status => 400)
} }
else { else {
my $email = $self->param('email'); my $email = $v->param('email');
$self->moderator->unlock_acct($email); $self->moderator->unlock_acct($email);
$self->stash(info => "Account $email has been unlocked 🔓"); $self->stash(info => "Account $email has been unlocked 🔓");
@ -275,7 +275,7 @@ sub promote($self) {
$self->stash(status => 404) $self->stash(status => 404)
} }
else { else {
my $email = $self->param('email'); my $email = $v->param('email');
$self->moderator->promote($email); $self->moderator->promote($email);
$self->stash(info => "Account $email has been promoted to admin 🧑‍🎓"); $self->stash(info => "Account $email has been promoted to admin 🧑‍🎓");
@ -297,7 +297,7 @@ sub demote($self) {
$self->stash(status => 404) $self->stash(status => 404)
} }
else { else {
my $email = $self->param('email'); my $email = $v->param('email');
$self->moderator->demote($email); $self->moderator->demote($email);
$self->stash(info => "Account $email has been demoted to mod 🧒"); $self->stash(info => "Account $email has been demoted to mod 🧒");