forked from mirrors/easyappointments
Added validation to the sort direction value
This commit is contained in:
parent
01dfdf22f1
commit
2406eefd39
1 changed files with 8 additions and 1 deletions
|
@ -253,7 +253,14 @@ class Api {
|
||||||
|
|
||||||
$db_field = $this->model->db_field($api_field);
|
$db_field = $this->model->db_field($api_field);
|
||||||
|
|
||||||
$direction = substr($sort_token, 0, 1) === '-' ? 'DESC' : 'ASC';
|
$direction_operator = substr($sort_token, 0, 1);
|
||||||
|
|
||||||
|
if ( ! in_array($direction_operator, ['-', '+']))
|
||||||
|
{
|
||||||
|
throw new InvalidArgumentException('Invalid sort direction operator provided (expected "-" or "+"): ' . $direction_operator);
|
||||||
|
}
|
||||||
|
|
||||||
|
$direction = $direction_operator === '-' ? 'DESC' : 'ASC';
|
||||||
|
|
||||||
$order_by[] = $db_field . ' ' . $direction;
|
$order_by[] = $db_field . ' ' . $direction;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue