groove/Part-DB-server
1
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2026-01-15 06:39:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix typo and cleanup

Browse source
This commit is contained in:
d-buchmann 2025-05-23 13:28:37 +02:00
parent 2e15f87f6e
commit c86f04a50a
1 changed files with 7 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/Services/Parts/PartsTableActionHandler.php
View file

@ -69,10 +69,8 @@ final class PartsTableActionHandler
*/ */
public function handleAction(string $action, array $selected_parts, ?string $target_id, ?string $redirect_url = null, array &$errors = []): ?RedirectResponse public function handleAction(string $action, array $selected_parts, ?string $target_id, ?string $redirect_url = null, array &$errors = []): ?RedirectResponse
{ {
// sanitize target_id // validate target_id
if (!str_contains($action, 'tag') && $target_id !== null) if (!str_contains($action, 'tag') && $target_id !== null && !is_numeric($target_id))
{
if (!is_numeric($target_id)
throw new InvalidArgumentException('$target_id must be an integer for action'. $action.'!'); throw new InvalidArgumentException('$target_id must be an integer for action'. $action.'!');
} }
@ -145,10 +143,10 @@ implode(',', array_map(static fn (PartLot $lot) => $lot->getID(), $part->getPart
break; break;
case "remove_tag": case "remove_tag":
$this->denyAccessUnlessGranted('edit', $part); $this->denyAccessUnlessGranted('edit', $part);
// remove tag at start or end // remove any matching tag at start or end
$tags = preg_replace("/(^".$target_id.",|,".$target_id."$)/", '', $part->getTags()); $tags = preg_replace('/(^'.$target_id.',|,'.$target_id.'$)/', '', $part->getTags());
// remove tag in the middle, retaining one comma // remove any matching tags in the middle, retaining one comma, and commit
$tags = str_replace(','.$target_id.',', ',' $tags); $part->setTags(str_replace(','.$target_id.',', ',' $tags);
break; break;
case 'favorite': case 'favorite':
$this->denyAccessUnlessGranted('change_favorite', $part); $this->denyAccessUnlessGranted('change_favorite', $part);