archives/trantor
Archived
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Check if the ObjectIds are valid.

Browse source
This commit is contained in:
Las Zenow 2013-05-09 09:42:58 +02:00
parent d0f6b83423
commit 41258ee863
5 changed files with 38 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

5
reader.go
View file

@ -172,6 +172,9 @@ func readHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
func openReadEpub(w http.ResponseWriter, r *http.Request, sess *Session) (*epubgo.Epub, Book) {
var book Book
id := mux.Vars(r)["id"]
if !bson.IsObjectIdHex(id) {
return nil, book
}
books, _, err := db.GetBooks(bson.M{"_id": bson.ObjectIdHex(id)})
if err != nil || len(books) == 0 {
return nil, book
@ -194,7 +197,7 @@ func contentHandler(w http.ResponseWriter, r *http.Request, sess *Session) {
vars := mux.Vars(r)
id := vars["id"]
file := vars["file"]
if file == "" {
if file == "" || !bson.IsObjectIdHex(id) {
notFound(w)
return
}