api: use a quoted regex for media_id validation
This commit is contained in:
parent
3a41ea6d0b
commit
af1cac6d3f
@ -22,6 +22,7 @@ use constant {
|
|||||||
};
|
};
|
||||||
|
|
||||||
my $TAG_NAME_RE = qr/^[0-9]*[A-Z_a-z][0-9A-Z_a-z]*$/;
|
my $TAG_NAME_RE = qr/^[0-9]*[A-Z_a-z][0-9A-Z_a-z]*$/;
|
||||||
|
my $NUMERIC_ID_RE = qr/^[1-9][0-9]*$/;
|
||||||
|
|
||||||
sub mkpager ($)
|
sub mkpager ($)
|
||||||
{
|
{
|
||||||
@ -87,7 +88,7 @@ get "/tag/:tag_id_or_name" => sub {
|
|||||||
|
|
||||||
get "/media" => sub {
|
get "/media" => sub {
|
||||||
my $page = query_parameters->get("page") // 1;
|
my $page = query_parameters->get("page") // 1;
|
||||||
send_error("Invalid page number", 400) if $page !~ /^[1-9][0-9]*$/;
|
send_error("Invalid page number", 400) if $page !~ $NUMERIC_ID_RE;
|
||||||
|
|
||||||
my $paged_media = schema("default")->resultset("Media")
|
my $paged_media = schema("default")->resultset("Media")
|
||||||
->search({}, { order_by => "upload_date", rows => ROWS_PER_PAGE })
|
->search({}, { order_by => "upload_date", rows => ROWS_PER_PAGE })
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user