added htmlspecialchars to visible fields
This commit is contained in:
parent
b678720ebd
commit
affe02ec04
@ -38,7 +38,13 @@ class UserRepository
|
||||
|
||||
$statement->execute();
|
||||
while ($result = $statement->fetch(mode: PDO::FETCH_ASSOC)) {
|
||||
$user = new User(nick: $result['nick'], password: $result['password'], first: $result['first'], last: $result['last'], id: $result['id'], isAdmin: $result['is_admin']);
|
||||
$user = new User(
|
||||
nick: htmlspecialchars(string: $result['nick']),
|
||||
password: $result['password'],
|
||||
first: htmlspecialchars(string: $result['first']),
|
||||
last: htmlspecialchars(string: $result['last']),
|
||||
id: $result['id'],
|
||||
isAdmin: $result['is_admin']);
|
||||
$users[] = $user;
|
||||
}
|
||||
return $users;
|
||||
@ -60,7 +66,13 @@ class UserRepository
|
||||
$statement->bindParam(param: ':id', var: $id);
|
||||
$statement->execute();
|
||||
if ($result = $statement->fetch(mode: PDO::FETCH_ASSOC)) {
|
||||
return new User(nick: $result['nick'], password: $result['password'], first: $result['first'], last: $result['last'], id: $result['id'], isAdmin: $result['is_admin']);
|
||||
return new User(
|
||||
nick: htmlspecialchars(string: $result['nick']),
|
||||
password: $result['password'],
|
||||
first: htmlspecialchars(string: $result['first']),
|
||||
last: htmlspecialchars(string: $result['last']),
|
||||
id: $result['id'],
|
||||
isAdmin: $result['is_admin']);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
@ -83,7 +95,13 @@ class UserRepository
|
||||
$statement->bindParam(param: ':nick', var: $nick);
|
||||
$statement->execute();
|
||||
if ($result = $statement->fetch(mode: PDO::FETCH_ASSOC)) {
|
||||
return new User(nick: $result['nick'], password: $result['password'], first: $result['first'], last: $result['last'], id: $result['id'], isAdmin: $result['is_admin']);
|
||||
return new User(
|
||||
nick: htmlspecialchars(string: $result['nick']),
|
||||
password: $result['password'],
|
||||
first: htmlspecialchars(string: $result['first']),
|
||||
last: htmlspecialchars(string: $result['last']),
|
||||
id: $result['id'],
|
||||
isAdmin: $result['is_admin']);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user