LotusGuild/tinker_tickets
4
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix type safety and TDS class naming issues

Browse Source 
- bulk_operation.php: replace is_numeric() with strict int cast+equality to reject scientific notation
- AttachmentModel.php: fix bind_param type strings (s→i for integer ticket IDs)
- CommentModel.php: use strict !== comparison with (int) cast for user_id ownership checks
- ticket.js: replace all non-TDS class names (text-amber→lt-text-amber, btn→lt-btn variants, etc.)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Jared Vititoe
2026-03-28 22:29:28 -04:00
parent d8e6dcf7fa
commit 5242d42fa7
4 changed files with 28 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/bulk_operation.php
+8 -6
View File
@@ -50,12 +50,14 @@ if (!$operationType || empty($ticketIds)) {
exit;
}
// Validate ticket IDs are integers
foreach ($ticketIds as $ticketId) {
if (!is_numeric($ticketId)) {
echo json_encode(['success' => false, 'error' => 'Invalid ticket ID format']);
exit;
}
// Validate ticket IDs are positive integers
$ticketIds = array_values(array_filter(array_map(function($id) {
$int = (int)$id;
return ($int > 0 && (string)$int === (string)$id) ? $int : null;
}, $ticketIds)));
if (empty($ticketIds)) {
echo json_encode(['success' => false, 'error' => 'No valid ticket IDs provided']);
exit;
}
// Use centralized database connection