fix: only validate data from POST request body

miguel-rn · web-flow · commit eed24a438033 · 2023-04-10T02:59:21.000Z
With the current data validation check, an empty POST request with valid GET parameters will cause the validation to pass later when data is fetched from POST request body, it will be null.
diff --git a/src/Controllers/MagicLinkController.php b/src/Controllers/MagicLinkController.php
@@ -65,7 +65,7 @@ public function loginAction()
     {
         // Validate email format
         $rules = $this->getValidationRules();
-        if (! $this->validate($rules)) {
+        if (! $this->validateData($this->request->getPost(), $rules)) {
             return redirect()->route('magic-link')->with('errors', $this->validator->getErrors());
         }
 

Original file line number	Diff line number	Diff line change
`@@ -65,7 +65,7 @@ public function loginAction()`
`65`	`65`	`{`
`66`	`66`	`// Validate email format`
`67`	`67`	`$rules = $this->getValidationRules();`
`68`		`- if (! $this->validate($rules)) {`
	`68`	`+ if (! $this->validateData($this->request->getPost(), $rules)) {`
`69`	`69`	`return redirect()->route('magic-link')->with('errors', $this->validator->getErrors());`
`70`	`70`	`}`
`71`	`71`