AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Do not expose IDs in forms

Browse Source
This commit is contained in:
Frederic Guillot
2017-09-23 20:56:54 -07:00
parent 074f6c104f
commit 3e0f14ae2b
20 changed files with 112 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app/Controller/SubtaskStatusController.php
View File

@@ -18,7 +18,7 @@ class SubtaskStatusController extends BaseController
public function change()
{
$task = $this->getTask();
$subtask = $this->getSubtask();
$subtask = $this->getSubtask($task);
$fragment = $this->request->getStringParam('fragment');
$status = $this->subtaskStatusModel->toggleStatus($subtask['id']);
@@ -43,19 +43,19 @@ class SubtaskStatusController extends BaseController
public function timer()
{
$task = $this->getTask();
$subtaskId = $this->request->getIntegerParam('subtask_id');
$subtask = $this->getSubtask($task);
$timer = $this->request->getStringParam('timer');
if ($timer === 'start') {
$this->subtaskTimeTrackingModel->logStartTime($subtaskId, $this->userSession->getId());
$this->subtaskTimeTrackingModel->logStartTime($subtask['id'], $this->userSession->getId());
} elseif ($timer === 'stop') {
$this->subtaskTimeTrackingModel->logEndTime($subtaskId, $this->userSession->getId());
$this->subtaskTimeTrackingModel->logEndTime($subtask['id'], $this->userSession->getId());
$this->subtaskTimeTrackingModel->updateTaskTimeTracking($task['id']);
}
$this->response->html($this->template->render('subtask/timer', array(
'task' => $task,
'subtask' => $this->subtaskModel->getByIdWithDetails($subtaskId),
'subtask' => $this->subtaskModel->getByIdWithDetails($subtask['id']),
)));
}