diff options
author | Daniel Friesel <derf@finalrewind.org> | 2022-12-26 15:35:33 +0100 |
---|---|---|
committer | Daniel Friesel <derf@finalrewind.org> | 2022-12-26 15:35:33 +0100 |
commit | f12bec530a86c38c707648f0201fda265f78e440 (patch) | |
tree | 6fe7b894de4794b2dd5a6dcffc622a63bc0656b9 /lib | |
parent | d0973a9d8d1bde4db2f4ed365bfa0177cdf82dd8 (diff) |
yearly/monthly history: return 404 for invalid dates
Diffstat (limited to 'lib')
-rwxr-xr-x | lib/Travelynx/Controller/Traveling.pm | 98 |
1 files changed, 45 insertions, 53 deletions
diff --git a/lib/Travelynx/Controller/Traveling.pm b/lib/Travelynx/Controller/Traveling.pm index 1517a7b..dee6c1f 100755 --- a/lib/Travelynx/Controller/Traveling.pm +++ b/lib/Travelynx/Controller/Traveling.pm @@ -1454,33 +1454,29 @@ sub yearly_history { # -> Limit time range to avoid accidental DoS. if ( not( $year =~ m{ ^ [0-9]{4} $ }x and $year > 1990 and $year < 2100 ) ) { - @journeys = $self->journeys->get( - uid => $self->current_user->{id}, - with_datetime => 1 - ); - } - else { - my $interval_start = DateTime->new( - time_zone => 'Europe/Berlin', - year => $year, - month => 1, - day => 1, - hour => 0, - minute => 0, - second => 0, - ); - my $interval_end = $interval_start->clone->add( years => 1 ); - @journeys = $self->journeys->get( - uid => $self->current_user->{id}, - after => $interval_start, - before => $interval_end, - with_datetime => 1 - ); - $stats = $self->journeys->get_stats( - uid => $self->current_user->{id}, - year => $year - ); + $self->render('not_found'); + return; } + my $interval_start = DateTime->new( + time_zone => 'Europe/Berlin', + year => $year, + month => 1, + day => 1, + hour => 0, + minute => 0, + second => 0, + ); + my $interval_end = $interval_start->clone->add( years => 1 ); + @journeys = $self->journeys->get( + uid => $self->current_user->{id}, + after => $interval_start, + before => $interval_end, + with_datetime => 1 + ); + $stats = $self->journeys->get_stats( + uid => $self->current_user->{id}, + year => $year + ); $self->respond_to( json => { @@ -1519,34 +1515,30 @@ sub monthly_history { and $month < 13 ) ) { - @journeys = $self->journeys->get( - uid => $self->current_user->{id}, - with_datetime => 1 - ); - } - else { - my $interval_start = DateTime->new( - time_zone => 'Europe/Berlin', - year => $year, - month => $month, - day => 1, - hour => 0, - minute => 0, - second => 0, - ); - my $interval_end = $interval_start->clone->add( months => 1 ); - @journeys = $self->journeys->get( - uid => $self->current_user->{id}, - after => $interval_start, - before => $interval_end, - with_datetime => 1 - ); - $stats = $self->journeys->get_stats( - uid => $self->current_user->{id}, - year => $year, - month => $month - ); + $self->render('not_found'); + return; } + my $interval_start = DateTime->new( + time_zone => 'Europe/Berlin', + year => $year, + month => $month, + day => 1, + hour => 0, + minute => 0, + second => 0, + ); + my $interval_end = $interval_start->clone->add( months => 1 ); + @journeys = $self->journeys->get( + uid => $self->current_user->{id}, + after => $interval_start, + before => $interval_end, + with_datetime => 1 + ); + $stats = $self->journeys->get_stats( + uid => $self->current_user->{id}, + year => $year, + month => $month + ); $self->respond_to( json => { |