Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-12-20 15:30:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

escape labelColor, icon, cover:position, validate toPid

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2016-12-17 16:00:39 +03:00
parent a043876d00
commit 4ff3d06f90
5 changed files with 26 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/controllers/accounts/helpers.js
View File

@@ -139,7 +139,7 @@ helpers.getUserDataByUserSlug = function (userslug, callerUID, callback) {
userData.moderationNote = validator.escape(String(userData.moderationNote || ''));
userData['cover:url'] = userData['cover:url'] || require('../../coverPhoto').getDefaultProfileCover(userData.uid);
userData['cover:position'] = userData['cover:position'] || '50% 50%';
userData['cover:position'] = validator.escape(String(userData['cover:position'] || '50% 50%'));
userData['username:disableEdit'] = !userData.isAdmin && parseInt(meta.config['username:disableEdit'], 10) === 1;
userData['email:disableEdit'] = !userData.isAdmin && parseInt(meta.config['email:disableEdit'], 10) === 1;