Elgato_dark/appwrite
1
0
Fork 0
mirror of https://github.com/appwrite/appwrite synced 2026-05-23 17:08:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge pull request #10150 from appwrite/fix-apple-oauth

Browse source 
fix: prevent injected $user from being shadowed
This commit is contained in:
Steven Nguyen 2025-07-14 21:29:16 -07:00 committed by GitHub
commit 00889426de
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/controllers/api/account.php
View file

@ -1461,9 +1461,9 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
if (!empty($nameOAuth)) {
$name = $nameOAuth;
} elseif ($userParam !== null) {
$user = \json_decode($userParam, true);
if (isset($user['name']['firstName']) && isset($user['name']['lastName'])) {
$name = $user['name']['firstName'] . ' ' . $user['name']['lastName'];
$userDecoded = \json_decode($userParam, true);
if (isset($userDecoded['name']['firstName']) && isset($userDecoded['name']['lastName'])) {
$name = $userDecoded['name']['firstName'] . ' ' . $userDecoded['name']['lastName'];
}
}
$email = $oauth2->getUserEmail($accessToken);