Skip to content

Commit 01fd763

Browse files
matthewpimatthewpi
committed
fix: add additional input validation
Signed-off-by: Matthew Penner <[email protected]>
1 parent 370820a commit 01fd763

File tree

2 files changed

+21
-14
lines changed

2 files changed

+21
-14
lines changed

app/Http/Controllers/Base/LocaleController.php

Lines changed: 5 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -2,11 +2,11 @@
22

33
namespace Pterodactyl\Http\Controllers\Base;
44

5-
use Illuminate\Http\Request;
65
use Illuminate\Http\JsonResponse;
76
use Illuminate\Translation\Translator;
87
use Illuminate\Contracts\Translation\Loader;
98
use Pterodactyl\Http\Controllers\Controller;
9+
use Pterodactyl\Http\Requests\Base\LocaleRequest;
1010

1111
class LocaleController extends Controller
1212
{
@@ -20,20 +20,11 @@ public function __construct(Translator $translator)
2020
/**
2121
* Returns translation data given a specific locale and namespace.
2222
*/
23-
public function __invoke(Request $request): JsonResponse
23+
public function __invoke(LocaleRequest $request): JsonResponse
2424
{
25-
$locales = explode(' ', $request->input('locale') ?? '');
26-
$namespaces = explode(' ', $request->input('namespace') ?? '');
27-
28-
$response = [];
29-
foreach ($locales as $locale) {
30-
$response[$locale] = [];
31-
foreach ($namespaces as $namespace) {
32-
$response[$locale][$namespace] = $this->i18n(
33-
$this->loader->load($locale, str_replace('.', '/', $namespace))
34-
);
35-
}
36-
}
25+
$locale = $request->input('locale');
26+
$namespace = $request->input('namespace');
27+
$response[$locale][$namespace] = $this->i18n($this->loader->load($locale, $namespace));
3728

3829
return new JsonResponse($response, 200, [
3930
// Cache this in the browser for an hour, and allow the browser to use a stale

app/Http/Requests/Base/LocaleRequest.php

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
<?php
2+
3+
namespace Pterodactyl\Http\Requests\Base;
4+
5+
use Illuminate\Foundation\Http\FormRequest;
6+
7+
class LocaleRequest extends FormRequest
8+
{
9+
public function rules(): array
10+
{
11+
return [
12+
'locale' => ['required', 'string', 'regex:/^[a-z][a-z]$/'],
13+
'namespace' => ['required', 'string', 'regex:/^[a-z]{1,191}$/'],
14+
];
15+
}
16+
}

0 commit comments

Comments
 (0)