floraachy/gitlink-forgeplus
1
0
Fork 0
mirror of https://gitlink.org.cn/Gitlink/forgeplus.git synced 2026-05-24 13:45:44 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

更改:防止sql注入

Browse Source
This commit is contained in:
yystopf
2023-12-19 15:05:00 +08:00
parent 21f559f254
commit 26461f3a44
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/admins/projects_rank_controller.rb
View File

@@ -25,11 +25,11 @@ class Admins::ProjectsRankController < Admins::BaseController
end end
def sort_by def sort_by
params.fetch(:sort_by, "score") DailyProjectStatistic.column_names.include?(params.fetch(:sort_by, "score")) ? params.fetch(:sort_by, "score") : "score"
end end
def sort_direction def sort_direction
params.fetch(:sort_direction, "desc") %w(desc asc).include?(params.fetch(:sort_direction, "desc")) ? params.fetch(:sort_direction, "desc") : "desc"
end end
def export_excel(data) def export_excel(data)