gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changed from post to put for since updating not creatings

Browse Source
This commit is contained in:
MrRenter
2015-04-18 11:53:46 -04:00
parent 790a4f941d
commit b2f18a790a
3 changed files with 17 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
controllers/story.js
View File

@@ -424,16 +424,18 @@ exports.commentOnCommentSubmit = function(req, res, next) {
};
exports.commentEdit = function(req, res, next){
if (req.user._id.toString() !== req.body.data.author.userId.toString()) {
//console.log(JSON.stringify(req));
console.log(JSON.stringify(req.body));
if (req.user._id.toString() !== req.body.author.userId.toString()) {
return next(new Error('Not authorized'));
}
var data = req.params.id;
var sanitizedBody = sanitizeHtml(req.body.data.body,{
var sanitizedBody = sanitizeHtml(req.body.body,{
allowedTags: [],
allowedAttributes: []
}).replace(/"/g, '"');
if (req.body.data.body !== sanitizedBody) {
if (req.body.body !== sanitizedBody) {
req.flash('errors', {
msg: 'HTML is not allowed'
});