diff --git a/app/Http/Middleware/ContactKeyLogin.php b/app/Http/Middleware/ContactKeyLogin.php
index 203684823dbd..a3e4d68ccac6 100644
--- a/app/Http/Middleware/ContactKeyLogin.php
+++ b/app/Http/Middleware/ContactKeyLogin.php
@@ -41,6 +41,10 @@ class ContactKeyLogin
 if ($request->segment(2) && $request->segment(2) == 'magic_link' && $request->segment(3)) {
 $payload = Cache::get($request->segment(3));
+
+ if(!$payload)
+ abort(403, 'Link expired.');
+
+ $contact_email = $payload['email'];
 if($client_contact = ClientContact::where('email', $contact_email)->where('company_id', $payload['company_id'])->first()){
diff --git a/app/Http/Requests/Client/StoreClientRequest.php b/app/Http/Requests/Client/StoreClientRequest.php
index dbf51b660336..dce5168dc87f 100644
--- a/app/Http/Requests/Client/StoreClientRequest.php
+++ b/app/Http/Requests/Client/StoreClientRequest.php
@@ -74,7 +74,6 @@ class StoreClientRequest extends Request
 $rules['number'] = ['nullable',Rule::unique('clients')->where('company_id', auth()->user()->company()->id)];
 $rules['id_number'] = ['nullable',Rule::unique('clients')->where('company_id', auth()->user()->company()->id)];
- return $rules;
 }
diff --git a/app/Http/Requests/Request.php b/app/Http/Requests/Request.php
index c90d9485c742..a53cd70540c6 100644
--- a/app/Http/Requests/Request.php
+++ b/app/Http/Requests/Request.php
@@ -136,6 +136,10 @@ class Request extends FormRequest
 if (isset($input['contacts']) && is_array($input['contacts'])) {
 foreach ($input['contacts'] as $key => $contact) {
+
+ if(!is_array($contact))
+ continue;
+ if (array_key_exists('id', $contact) && is_numeric($contact['id'])) {
 unset($input['contacts'][$key]['id']);
 } elseif (array_key_exists('id', $contact) && is_string($contact['id'])) {
@@ -154,6 +158,7 @@ class Request extends FormRequest
 }
 }
 }
+ }
 }
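Review bot: The guard added after `Cache::get($request->segment(3))` only rejects a falsy payload, so any truthy cache value that is not the expected array still reaches `$payload['email']` and `$payload['company_id']`. Because the cache key is taken directly from the URL segment, the lookup is confined to magic-link entries only if the code that writes them namespaces the key, which is not visible here; I would validate the shape as well, `if (!is_array($payload) || !isset($payload['email'], $payload['company_id'])) { abort(403, 'Link expired.'); }`. The braces also replace a brace-less `if` on an authentication path, where a later added statement would silently fall outside the condition. The enclosing `if` block continues past the hunk, so whether the token is invalidated after a successful login cannot be confirmed from these lines.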
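Review bot: A non-array entry skipped by the new `if(!is_array($contact)) continue;` in app/Http/Requests/Request.php stays in `$input['contacts']` and is handed on unchanged, so the check protects only this loop. Unless a validation rule outside the hunk rejects such entries, later code that iterates the contacts will meet the same malformed value; consider dropping it here with `unset($input['contacts'][$key]); continue;` or enforcing an array rule on `contacts.*` in the request classes. The enclosing method starts and ends outside the hunk, so the downstream handling is not visible.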