ITL/Uploader
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove Atoi

Browse Source 
isn't necessary anymore and sql injection still won't work
This commit is contained in:
AustrianToast 2024-06-11 00:10:58 +02:00
parent fb34c220b2
commit ee9708be55
No known key found for this signature in database
GPG Key ID: 5CD422268E489EB4
1 changed files with 4 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
main.go
View File

@ -7,7 +7,6 @@ import (
"log"
"net/http"
"os"
"strconv"
"github.com/gin-gonic/gin"
"github.com/jackc/pgx/v5/pgxpool"
@ -165,12 +164,7 @@ func listVideos(c *gin.Context) {
func getVideo(c *gin.Context) {
var err error
inputId, err := strconv.Atoi(c.Param("id"))
if err != nil {
log.Panicf("getVideo: %v\n", err)
}
rows, _ := dbpool.Query(context.Background(), "select filepath from videos where id = $1", inputId)
rows, _ := dbpool.Query(context.Background(), "select filepath from videos where id = $1", c.Param("id"))
rows.Next()
err = rows.Err()
if err != nil {
@ -189,12 +183,8 @@ func getVideo(c *gin.Context) {
}
func deleteVideo(c *gin.Context) {
inputId, err := strconv.Atoi(c.Param("id"))
if err != nil {
log.Panicf("deleteVideo: %v\n", err)
}
rows, _ := dbpool.Query(context.Background(), "select filepath from videos where id = $1", inputId)
var err error
rows, _ := dbpool.Query(context.Background(), "select filepath from videos where id = $1", c.Param("id"))
rows.Next()
err = rows.Err()
if err != nil {
@ -209,7 +199,7 @@ func deleteVideo(c *gin.Context) {
log.Panicf("deleteVideo: %v\n", err)
}
_, err = dbpool.Exec(context.Background(), "delete from videos where id = $1", inputId)
_, err = dbpool.Exec(context.Background(), "delete from videos where id = $1", c.Param("id"))
if err != nil {
c.JSON(http.StatusInternalServerError, "Id was likely invalid")
log.Panicf("deleteVideo: %v\n", err)