From d376dac11c8008c59dc29d6515543ac23f856a0e Mon Sep 17 00:00:00 2001 From: Aaron Parecki Date: Tue, 17 Jan 2017 09:58:04 -0800 Subject: allow only mp-syndicate-to and syndicate-to --- controllers/controllers.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'controllers/controllers.php') diff --git a/controllers/controllers.php b/controllers/controllers.php index 3f95147..4b19879 100644 --- a/controllers/controllers.php +++ b/controllers/controllers.php @@ -324,8 +324,10 @@ $app->post('/settings/save', function() use($app) { if(array_key_exists('slug_field', $params) && $params['slug_field']) $user->micropub_slug_field = $params['slug_field']; - if(array_key_exists('syndicate_field', $params) && $params['syndicate_field']) - $user->micropub_syndicate_field = $params['syndicate_field']; + if(array_key_exists('syndicate_field', $params) && $params['syndicate_field']) { + if(in_array($params['syndicate_field'], ['syndicate-to','mp-syndicate-to'])) + $user->micropub_syndicate_field = $params['syndicate_field']; + } $user->save(); $app->response()['Content-type'] = 'application/json'; -- cgit v1.2.3