Manually type-case all AJAX files

This enforces proper types on POST and GET arguments where I considered it sensible. I didn't update some as I don't know what kind of values they would support :see_no_evil: Fixes https://github.com/owncloud/core/issues/14196 for core
author: Lukas Reschke <lukas@owncloud.com> 2015-02-13 13:33:20 +0100
committer: Lukas Reschke <lukas@owncloud.com> 2015-02-13 13:33:20 +0100
commit: a7df23cebadfc0a60095ff53e4ae5e293eb02b38 (patch)
tree: 54e8fd3e3179c65e8abda8e3bc61ce6547a501c6 /settings/ajax/enableapp.php
parent: 51f8d240c1c7a2c5fe4ab89854aeae02a33406b4 (diff)
download: nextcloud-server-a7df23cebadfc0a60095ff53e4ae5e293eb02b38.tar.gz
nextcloud-server-a7df23cebadfc0a60095ff53e4ae5e293eb02b38.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/settings/ajax/enableapp.php b/settings/ajax/enableapp.php
index 88abff487db..fcb8b47ea1f 100644
--- a/settings/ajax/enableapp.php
+++ b/settings/ajax/enableapp.php
@@ -3,10 +3,10 @@
 OC_JSON::checkAdminUser();
 OCP\JSON::callCheck();
 
-$groups = isset($_POST['groups']) ? $_POST['groups'] : null;
+$groups = isset($_POST['groups']) ? (string)$_POST['groups'] : null;
 
 try {
-	OC_App::enable(OC_App::cleanAppId($_POST['appid']), $groups);
+	OC_App::enable(OC_App::cleanAppId((string)$_POST['appid']), $groups);
 	// FIXME: Clear the cache - move that into some sane helper method
 	\OC::$server->getMemCacheFactory()->create('settings')->remove('listApps-0');
 	\OC::$server->getMemCacheFactory()->create('settings')->remove('listApps-1');
author	Lukas Reschke <lukas@owncloud.com>	2015-02-13 13:33:20 +0100
committer	Lukas Reschke <lukas@owncloud.com>	2015-02-13 13:33:20 +0100
commit	a7df23cebadfc0a60095ff53e4ae5e293eb02b38 (patch)
tree	54e8fd3e3179c65e8abda8e3bc61ce6547a501c6 /settings/ajax/enableapp.php
parent	51f8d240c1c7a2c5fe4ab89854aeae02a33406b4 (diff)
download	nextcloud-server-a7df23cebadfc0a60095ff53e4ae5e293eb02b38.tar.gz nextcloud-server-a7df23cebadfc0a60095ff53e4ae5e293eb02b38.zip