41 lines
720 B
Plaintext
41 lines
720 B
Plaintext
include::../description.adoc[]
|
|
|
|
== Noncompliant Code Example
|
|
|
|
----
|
|
$userId = $_GET["userId"];
|
|
$fileUUID = $_GET["fileUUID"];
|
|
|
|
if ( $_SESSION["userId"] == $userId ) {
|
|
unlink("/storage/" . $userId . "/" . $fileUUID); // Noncompliant
|
|
}
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
----
|
|
$userId = (int) $_GET["userId"];
|
|
$fileUUID = (int) $_GET["fileUUID"];
|
|
|
|
if ( $_SESSION["userId"] == $userId ) {
|
|
unlink("/storage/" . $userId . "/" . $fileUUID);
|
|
}
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|