Add security checks for image upload

Fix typo
author: Nils Schwabe 2014-07-14 14:06:22 +0200
committer: Nils Schwabe 2014-07-14 14:06:22 +0200
commit: fcce38a82a0df39cddb95b1e987669cdc5073f2a (patch)
tree: 2ffe89b249e257ab078e7d4ea04e37d1df7efe5c /src/main/java/org/openslx/imagemaster/db
parent: Fix some todos (diff)
download: masterserver-fcce38a82a0df39cddb95b1e987669cdc5073f2a.tar.gz
masterserver-fcce38a82a0df39cddb95b1e987669cdc5073f2a.tar.xz
masterserver-fcce38a82a0df39cddb95b1e987669cdc5073f2a.zip
2 files changed, 5 insertions, 4 deletions
diff --git a/src/main/java/org/openslx/imagemaster/db/DbImage.java b/src/main/java/org/openslx/imagemaster/db/DbImage.java
index 904442d..38ca714 100644
--- a/src/main/java/org/openslx/imagemaster/db/DbImage.java
+++ b/src/main/java/org/openslx/imagemaster/db/DbImage.java
@@ -122,7 +122,7 @@ public class DbImage
 						"INSERT INTO images (UUID, image_version, image_name, image_path, image_createTime, image_updateTime, image_owner, content_operatingSystem, status_isValid, status_isDeleted, image_shortDescription, image_longDescription, timestamp, fileSize, token, missingBlocks, serverSessionId) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
 						imageData.uuid, imageData.imageVersion, imageData.imageName, filepath,
 						sdf.format( createTime ), sdf.format( updateTime ), imageData.imageOwner,
-						imageData.conentOperatingSystem, imageData.statusIsValid,
+						imageData.contentOperatingSystem, imageData.statusIsValid,
 						imageData.statusIsDeleted, imageData.imageShortDescription,
 						imageData.imageLongDescription, sdf.format( timestamp ), imageData.fileSize,
 						token, missingBlocksList, serverSessionId );
diff --git a/src/main/java/org/openslx/imagemaster/db/DbUser.java b/src/main/java/org/openslx/imagemaster/db/DbUser.java
index ffc9d1a..7f83176 100644
--- a/src/main/java/org/openslx/imagemaster/db/DbUser.java
+++ b/src/main/java/org/openslx/imagemaster/db/DbUser.java
@@ -74,12 +74,13 @@ public class DbUser extends User
 	/**
 	 * Checks if a user with id (userid@organization) exists
 	 * @param id
-	 * @return whether ther user exists
+	 * @return Whether the user exists
 	 */
 	public static boolean exists( String id )
 	{
-		String user = id.split( "@" )[0];
-		String organization = id.split( "@" )[1];
+		String[] parts = id.split( "@" );
+		String user = parts[0];
+		String organization = parts[1];
 		
 		DbUser dbUser = MySQL.findUniqueOrNull( DbUser.class,
 				"SELECT user.userid, user.username, user.password, user.organization, user.firstname, user.lastname, user.email, satellite.address FROM user"
author	Nils Schwabe	2014-07-14 14:06:22 +0200
committer	Nils Schwabe	2014-07-14 14:06:22 +0200
commit	fcce38a82a0df39cddb95b1e987669cdc5073f2a (patch)
tree	2ffe89b249e257ab078e7d4ea04e37d1df7efe5c /src/main/java/org/openslx/imagemaster/db
parent	Fix some todos (diff)
download	masterserver-fcce38a82a0df39cddb95b1e987669cdc5073f2a.tar.gz masterserver-fcce38a82a0df39cddb95b1e987669cdc5073f2a.tar.xz masterserver-fcce38a82a0df39cddb95b1e987669cdc5073f2a.zip