SAAS-595 - Updated validation and sanitization

2015-02-17 12:17:49 -05:00 · 2015-02-17 12:17:49 -05:00 · a07a1edcc0
commit a07a1edcc0
parent eb40379152
4 changed files with 57 additions and 16 deletions
--- a/airtime_mvc/application/controllers/LibraryController.php
+++ b/airtime_mvc/application/controllers/LibraryController.php
@ -77,8 +77,6 @@ class LibraryController extends Zend_Controller_Action

            $obj_sess = new Zend_Session_Namespace(UI_PLAYLISTCONTROLLER_OBJ_SESSNAME);
            if (isset($obj_sess->id)) {
-                $objInfo = Application_Model_Library::getObjInfo($obj_sess->type);
-
                $objInfo     = Application_Model_Library::getObjInfo($obj_sess->type);
                $obj         = new $objInfo['className']($obj_sess->id);
                $userInfo    = Zend_Auth::getInstance()->getStorage()->read();
@ -446,6 +444,8 @@ class LibraryController extends Zend_Controller_Action
            }

            if ($form->isValid($serialized)) {
+                // Sanitize any incorrect metadata that slipped past validation
+                FileDataHelper::sanitizeData($serialized["track_number"]);

                $formValues = $this->_getParam('data', null);
                $formdata = array();