authorAndrew Dolgov <[email protected]>2013-03-17 21:04:16 +0400
committerAndrew Dolgov <[email protected]>2013-03-17 21:04:16 +0400
commit9955a134621e75a1490a2cdc75c2a00c23f54507 (patch)
tree0f2d58666f32cee7770d4180375d0502ddada722
parent95d40d8546c7bcec1916bd86fa73042521f97967 (diff)
properly allow false parameters passed through to API calls (refs #576)
-rw-r--r--classes/api.php18
-rw-r--r--include/functions.php2
2 files changed, 10 insertions, 10 deletions
diff --git a/classes/api.php b/classes/api.php
index 1ee620863..74464821f 100644
--- a/classes/api.php
+++ b/classes/api.php
@@ -109,10 +109,10 @@ class API extends Handler {
function getFeeds() {
$cat_id = db_escape_string($_REQUEST["cat_id"]);
- $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
+ $unread_only = sql_bool_to_bool($_REQUEST["unread_only"]);
$limit = (int) db_escape_string($_REQUEST["limit"]);
$offset = (int) db_escape_string($_REQUEST["offset"]);
- $include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
+ $include_nested = sql_bool_to_bool($_REQUEST["include_nested"]);
$feeds = $this->api_get_feeds($this->link, $cat_id, $unread_only, $limit, $offset, $include_nested);
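Review bot: The boolean API parameters in `getFeeds` are now parsed by `sql_bool_to_bool()`, a helper named for database values, and nothing at the call sites says which spellings a client may send; the same applies to the `getCategories` hunk and the third api.php hunk below. With the old `(bool)` cast any non-empty value other than `0` counted as true, whereas now only `t`, `1` and a case-insensitive `true` do, so a client sending `yes` or `on` silently gets false. I would add a comment above the first call, for example `// API booleans: "t", "1" or "true" (any case) are true; anything else, including an absent parameter, is false`. The values are still read from `$_REQUEST` without an `isset()` check, so an absent parameter presumably raises an undefined-index notice as before. getFeeds continues past the end of this hunk.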
@@ -120,8 +120,8 @@ class API extends Handler {
}
function getCategories() {
- $unread_only = (bool)db_escape_string($_REQUEST["unread_only"]);
- $enable_nested = (bool)db_escape_string($_REQUEST["enable_nested"]);
+ $unread_only = sql_bool_to_bool($_REQUEST["unread_only"]);
+ $enable_nested = sql_bool_to_bool($_REQUEST["enable_nested"]);
// TODO do not return empty categories, return Uncategorized and standard virtual cats
@@ -180,14 +180,14 @@ class API extends Handler {
$offset = (int)db_escape_string($_REQUEST["skip"]);
$filter = db_escape_string($_REQUEST["filter"]);
- $is_cat = (bool)db_escape_string($_REQUEST["is_cat"]);
- $show_excerpt = (bool)db_escape_string($_REQUEST["show_excerpt"]);
- $show_content = (bool)db_escape_string($_REQUEST["show_content"]);
+ $is_cat = sql_bool_to_bool($_REQUEST["is_cat"]);
+ $show_excerpt = sql_bool_to_bool($_REQUEST["show_excerpt"]);
+ $show_content = sql_bool_to_bool($_REQUEST["show_content"]);
/* all_articles, unread, adaptive, marked, updated */
$view_mode = db_escape_string($_REQUEST["view_mode"]);
- $include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]);
+ $include_attachments = sql_bool_to_bool($_REQUEST["include_attachments"]);
$since_id = (int)db_escape_string($_REQUEST["since_id"]);
- $include_nested = (bool)db_escape_string($_REQUEST["include_nested"]);
+ $include_nested = sql_bool_to_bool($_REQUEST["include_nested"]);
$sanitize_content = true;
/* do not rely on params below */
diff --git a/include/functions.php b/include/functions.php
index 6e48a700a..b43fda3a1 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -852,7 +852,7 @@
}
function sql_bool_to_bool($s) {
- if ($s == "t" || $s == "1" || $s == "true") {
+ if ($s == "t" || $s == "1" || strtolower($s) == "true") {
return true;
} else {
return false;
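Review bot: The loose `==` comparisons in `sql_bool_to_bool` mis-handle non-string input: on PHP before 8 an integer `0` compares equal to `"t"`, so a numeric zero would be returned as true. Because the api.php hunks now pass raw `$_REQUEST` values to this helper, an array-valued parameter such as `unread_only[]=1` also reaches `strtolower()`, which warns on older PHP and throws a TypeError on PHP 8. Whether non-string scalars can actually arrive depends on how the request is populated, which is not visible here. I would reject non-scalars and compare strictly: `if (!is_scalar($s)) return false;` followed by `return in_array(strtolower((string)$s), array("t", "1", "true"), true);` (this also accepts an upper-case `T`). The function's closing lines are outside the hunk.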