Manually type-case all AJAX files

This enforces proper types on POST and GET arguments where I considered it sensible. I didn't update some as I don't know what kind of values they would support :see_no_evil:

Fixes https://github.com/owncloud/core/issues/14196 for core

2 files changed, 3 insertions, 3 deletions

diff --git a/apps/files_versions/ajax/getVersions.php b/apps/files_versions/ajax/getVersions.php
index 80786433e7a..3d2e94be7c3 100644
--- a/apps/files_versions/ajax/getVersions.php
+++ b/apps/files_versions/ajax/getVersions.php
@@ -3,8 +3,8 @@ OCP\JSON::checkLoggedIn();
 OCP\JSON::callCheck();
 OCP\JSON::checkAppEnabled('files_versions');
 
-$source = $_GET['source'];
-$start = $_GET['start'];
+$source = (string)$_GET['source'];
+$start = (string)$_GET['start'];
 list ($uid, $filename) = OCA\Files_Versions\Storage::getUidAndFilename($source);
 $count = 5; //show the newest revisions
 $versions = OCA\Files_Versions\Storage::getVersions($uid, $filename, $source);
diff --git a/apps/files_versions/ajax/rollbackVersion.php b/apps/files_versions/ajax/rollbackVersion.php
index 326d8db74f7..7bcac614bbc 100644
--- a/apps/files_versions/ajax/rollbackVersion.php
+++ b/apps/files_versions/ajax/rollbackVersion.php
@@ -4,7 +4,7 @@ OCP\JSON::checkLoggedIn();
 OCP\JSON::checkAppEnabled('files_versions');
 OCP\JSON::callCheck();
 
-$file = $_GET['file'];
+$file = (string)$_GET['file'];
 $revision=(int)$_GET['revision'];
 
 if(OCA\Files_Versions\Storage::rollback( $file, $revision )) {