diff options
author | Nils Schwabe | 2014-07-14 14:06:22 +0200 |
---|---|---|
committer | Nils Schwabe | 2014-07-14 14:06:22 +0200 |
commit | fcce38a82a0df39cddb95b1e987669cdc5073f2a (patch) | |
tree | 2ffe89b249e257ab078e7d4ea04e37d1df7efe5c /src/main/java/org/openslx/imagemaster/db | |
parent | Fix some todos (diff) | |
download | masterserver-fcce38a82a0df39cddb95b1e987669cdc5073f2a.tar.gz masterserver-fcce38a82a0df39cddb95b1e987669cdc5073f2a.tar.xz masterserver-fcce38a82a0df39cddb95b1e987669cdc5073f2a.zip |
Add security checks for image upload
Fix typo
Diffstat (limited to 'src/main/java/org/openslx/imagemaster/db')
-rw-r--r-- | src/main/java/org/openslx/imagemaster/db/DbImage.java | 2 | ||||
-rw-r--r-- | src/main/java/org/openslx/imagemaster/db/DbUser.java | 7 |
2 files changed, 5 insertions, 4 deletions
diff --git a/src/main/java/org/openslx/imagemaster/db/DbImage.java b/src/main/java/org/openslx/imagemaster/db/DbImage.java index 904442d..38ca714 100644 --- a/src/main/java/org/openslx/imagemaster/db/DbImage.java +++ b/src/main/java/org/openslx/imagemaster/db/DbImage.java @@ -122,7 +122,7 @@ public class DbImage "INSERT INTO images (UUID, image_version, image_name, image_path, image_createTime, image_updateTime, image_owner, content_operatingSystem, status_isValid, status_isDeleted, image_shortDescription, image_longDescription, timestamp, fileSize, token, missingBlocks, serverSessionId) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", imageData.uuid, imageData.imageVersion, imageData.imageName, filepath, sdf.format( createTime ), sdf.format( updateTime ), imageData.imageOwner, - imageData.conentOperatingSystem, imageData.statusIsValid, + imageData.contentOperatingSystem, imageData.statusIsValid, imageData.statusIsDeleted, imageData.imageShortDescription, imageData.imageLongDescription, sdf.format( timestamp ), imageData.fileSize, token, missingBlocksList, serverSessionId ); diff --git a/src/main/java/org/openslx/imagemaster/db/DbUser.java b/src/main/java/org/openslx/imagemaster/db/DbUser.java index ffc9d1a..7f83176 100644 --- a/src/main/java/org/openslx/imagemaster/db/DbUser.java +++ b/src/main/java/org/openslx/imagemaster/db/DbUser.java @@ -74,12 +74,13 @@ public class DbUser extends User /** * Checks if a user with id (userid@organization) exists * @param id - * @return whether ther user exists + * @return Whether the user exists */ public static boolean exists( String id ) { - String user = id.split( "@" )[0]; - String organization = id.split( "@" )[1]; + String[] parts = id.split( "@" ); + String user = parts[0]; + String organization = parts[1]; DbUser dbUser = MySQL.findUniqueOrNull( DbUser.class, "SELECT user.userid, user.username, user.password, user.organization, user.firstname, user.lastname, user.email, satellite.address FROM user" |