summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDaniel Friesel <derf@finalrewind.org>2020-01-19 19:15:53 +0100
committerDaniel Friesel <derf@finalrewind.org>2020-01-19 19:15:53 +0100
commit2764826da00d31230a0f9a4c294b0ca050b73d4f (patch)
tree70d06c2edef2eb3cd120625d031113e7a3531392 /lib
parent243302b9bb90eb0d3f31731dea705ea42ed0c1a1 (diff)
/journey/:id: verify that id is numeric
As a side effect, this turns the response of GET /journey/edit (which should never happen in the first place) from an exception into a 404 error (#36)
Diffstat (limited to 'lib')
-rwxr-xr-xlib/Travelynx/Controller/Traveling.pm2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/Travelynx/Controller/Traveling.pm b/lib/Travelynx/Controller/Traveling.pm
index 7095312..bd8832c 100755
--- a/lib/Travelynx/Controller/Traveling.pm
+++ b/lib/Travelynx/Controller/Traveling.pm
@@ -657,7 +657,7 @@ sub journey_details {
$self->param( journey_id => $journey_id );
- if ( not($journey_id) ) {
+ if ( not( $journey_id and $journey_id =~ m{ ^ \d+ $ }x ) ) {
$self->render(
'journey',
error => 'notfound',