floraachy/gitlink-forgeplus
1
0
Fork 0
mirror of https://gitlink.org.cn/Gitlink/forgeplus.git synced 2026-05-02 19:30:48 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

更改:防止sql注入

Browse Source
This commit is contained in:
yystopf
2023-12-19 15:05:00 +08:00
parent 21f559f254
commit 26461f3a44
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/admins/projects_rank_controller.rb
View File

@@ -25,11 +25,11 @@ class Admins::ProjectsRankController < Admins::BaseController
end
def sort_by
params.fetch(:sort_by, "score")
DailyProjectStatistic.column_names.include?(params.fetch(:sort_by, "score")) ? params.fetch(:sort_by, "score") : "score"
end
def sort_direction
params.fetch(:sort_direction, "desc")
%w(desc asc).include?(params.fetch(:sort_direction, "desc")) ? params.fetch(:sort_direction, "desc") : "desc"
end
def export_excel(data)