harden security for input

jeremykenedy · jeremykenedy · commit 44bee8aecf60 · 2020-05-22T10:56:44.000-07:00
diff --git a/src/App/Http/Controllers/UsersManagementController.php b/src/App/Http/Controllers/UsersManagementController.php
@@ -120,7 +120,7 @@ public function store(Request $request)
         }
 
         $user = config('laravelusers.defaultUserModel')::create([
-            'name'             => $request->input('name'),
+            'name'             => strip_tags($request->input('name')),
             'email'            => $request->input('email'),
             'password'         => Hash::make($request->input('password')),
         ]);
@@ -218,7 +218,7 @@ public function update(Request $request, $id)
             return back()->withErrors($validator)->withInput();
         }
 
-        $user->name = $request->input('name');
+        $user->name = strip_tags($request->input('name'));
 
         if ($emailCheck) {
             $user->email = $request->input('email');

Original file line number	Diff line number	Diff line change
`@@ -120,7 +120,7 @@ public function store(Request $request)`
`120`	`120`	`}`
`121`	`121`
`122`	`122`	`$user = config('laravelusers.defaultUserModel')::create([`
`123`		`- 'name' => $request->input('name'),`
	`123`	`+ 'name' => strip_tags($request->input('name')),`
`124`	`124`	`'email' => $request->input('email'),`
`125`	`125`	`'password' => Hash::make($request->input('password')),`
`126`	`126`	`]);`
`@@ -218,7 +218,7 @@ public function update(Request $request, $id)`
`218`	`218`	`return back()->withErrors($validator)->withInput();`
`219`	`219`	`}`
`220`	`220`
`221`		`- $user->name = $request->input('name');`
	`221`	`+ $user->name = strip_tags($request->input('name'));`
`222`	`222`
`223`	`223`	`if ($emailCheck) {`
`224`	`224`	`$user->email = $request->input('email');`