diff options
| author | matthew <matthew> | 2010-01-20 11:31:26 +0000 |
|---|---|---|
| committer | matthew <matthew> | 2010-01-20 11:31:26 +0000 |
| commit | 1a44b5893a4fd96d67bca8711b725ffc87cbf169 (patch) | |
| tree | 779a469daa297e77a9bf1e1eaeba73ea6f5d8e65 /web | |
| parent | 75f9565d518062d0f02b1bd5533236c5d6451591 (diff) | |
Don't allow through non-valid dates.
Diffstat (limited to 'web')
| -rwxr-xr-x | web/json.cgi | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/web/json.cgi b/web/json.cgi index 8c6e2dd71..512750988 100755 --- a/web/json.cgi +++ b/web/json.cgi @@ -6,7 +6,7 @@ # Copyright (c) 2009 UK Citizens Online Democracy. All rights reserved. # Email: louise@mysociety.org. WWW: http://www.mysociety.org # -# $Id: json.cgi,v 1.3 2009-07-01 13:02:07 louise Exp $ +# $Id: json.cgi,v 1.4 2010-01-20 11:31:26 matthew Exp $ use strict; use Error qw(:try); @@ -19,14 +19,15 @@ sub main { my $type = $q->param('type') || ''; my $start_date = $q->param('start_date') || ''; my $end_date = $q->param('end_date') || ''; - if ($type eq 'new_problems'){ + if ($start_date !~ /^\d{4}-\d\d-\d\d$/ || $end_date !~ /^\d{4}-\d\d-\d\d$/) { + $problems = { error => 'Invalid dates supplied' }; + } elsif ($type eq 'new_problems') { $problems = Problems::created_in_interval($start_date, $end_date); } elsif ($type eq 'fixed_problems') { $problems = Problems::fixed_in_interval($start_date, $end_date); } print $q->header( -type => 'application/json; charset=utf-8' ); - my $out = JSON::to_json($problems); - print $out; + print JSON::to_json($problems); } |