fixed sql injection vulnerabilites.

author: FChannel <=> 2021-01-18 04:41:21 -0800
committer: FChannel <=> 2021-01-18 04:41:21 -0800
commit: 8244af05eaa9f66df12095c76309b454bde525d7 (patch)
tree: b96a62c2af1597ab77dbaf042c54e43c680b5bc1 /OutboxPost.go
parent: 78ccd8e434d24dccaeec0c1c6fb14f5c991bd567 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/OutboxPost.go b/OutboxPost.go
index 9d39eff..dacf77e 100644
--- a/OutboxPost.go
+++ b/OutboxPost.go
@@ -107,10 +107,12 @@ func ParseOutboxRequest(w http.ResponseWriter, r *http.Request, db *sql.DB) {
 				verification := GetVerificationByCode(db, activity.Auth)
 
 				var rActivity Activity
-
+					fmt.Println("ok")
 				if validActor && validLocalActor && verification.Board == activity.Actor.Id || verification.Board == Domain {
+					fmt.Println("yes")
 					rActivity = AcceptFollow(activity, actor)
 				} else {
+					fmt.Println("no")					
 					rActivity = RejectFollow(activity, actor)
 					rActivity.Summary = "No valid actor or Actor is not located here"
 				}
@@ -506,7 +508,6 @@ func CheckCaptcha(db *sql.DB, captcha string) bool {
 
 func ParseInboxRequest(w http.ResponseWriter, r *http.Request, db *sql.DB) {
 	activity := GetActivityFromJson(r, db)
-
 	switch(activity.Type) {
 	case "Create":
 		for _, e := range activity.Object.InReplyTo {
author	FChannel <=>	2021-01-18 04:41:21 -0800
committer	FChannel <=>	2021-01-18 04:41:21 -0800
commit	8244af05eaa9f66df12095c76309b454bde525d7 (patch)
tree	b96a62c2af1597ab77dbaf042c54e43c680b5bc1 /OutboxPost.go
parent	78ccd8e434d24dccaeec0c1c6fb14f5c991bd567 (diff)