From 1356b3d7adfa240293ca059c858a0dfdab8c70bd Mon Sep 17 00:00:00 2001 From: David Bomba Date: Mon, 13 Sep 2021 08:42:15 +1000 Subject: [PATCH] Minor fixes for client request validation --- app/Http/Middleware/ContactKeyLogin.php | 4 ++++ app/Http/Requests/Client/StoreClientRequest.php | 1 - app/Http/Requests/Request.php | 5 +++++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/app/Http/Middleware/ContactKeyLogin.php b/app/Http/Middleware/ContactKeyLogin.php index 203684823dbd..a3e4d68ccac6 100644 --- a/app/Http/Middleware/ContactKeyLogin.php +++ b/app/Http/Middleware/ContactKeyLogin.php @@ -41,6 +41,10 @@ class ContactKeyLogin if ($request->segment(2) && $request->segment(2) == 'magic_link' && $request->segment(3)) { $payload = Cache::get($request->segment(3)); + + if(!$payload) + abort(403, 'Link expired.'); + $contact_email = $payload['email']; if($client_contact = ClientContact::where('email', $contact_email)->where('company_id', $payload['company_id'])->first()){ diff --git a/app/Http/Requests/Client/StoreClientRequest.php b/app/Http/Requests/Client/StoreClientRequest.php index dbf51b660336..dce5168dc87f 100644 --- a/app/Http/Requests/Client/StoreClientRequest.php +++ b/app/Http/Requests/Client/StoreClientRequest.php @@ -74,7 +74,6 @@ class StoreClientRequest extends Request $rules['number'] = ['nullable',Rule::unique('clients')->where('company_id', auth()->user()->company()->id)]; $rules['id_number'] = ['nullable',Rule::unique('clients')->where('company_id', auth()->user()->company()->id)]; - return $rules; } diff --git a/app/Http/Requests/Request.php b/app/Http/Requests/Request.php index c90d9485c742..a53cd70540c6 100644 --- a/app/Http/Requests/Request.php +++ b/app/Http/Requests/Request.php 
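Review bot: The added guard in the `magic_link` branch rejects only a falsy cache result, so a truthy value that is not the expected array still reaches `$payload['email']` and `$payload['company_id']`. The cache key is the raw third URL segment, so the lookup returns whatever entry lives under that name; whether magic-link entries are stored under a dedicated prefix is not visible in this hunk. I would tighten the check to `if (!is_array($payload) || !isset($payload['email'], $payload['company_id'])) { abort(403, 'Link expired.'); }`, which also gives the `if` its braces. The enclosing method starts and ends outside the hunk, so it cannot be confirmed from here whether the entry is invalidated after a successful login.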
@@ -136,6 +136,10 @@ class Request extends FormRequest if (isset($input['contacts']) && is_array($input['contacts'])) { foreach ($input['contacts'] as $key => $contact) { + + if(!is_array($contact)) + continue; + if (array_key_exists('id', $contact) && is_numeric($contact['id'])) { unset($input['contacts'][$key]['id']); } elseif (array_key_exists('id', $contact) && is_string($contact['id'])) { @@ -154,6 +158,7 @@ class Request extends FormRequest } } } + } }
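Review bot: The `continue` added at the top of the contacts loop skips a non-array element but leaves it in `$input['contacts']`, so the malformed entry is still passed on with the rest of the input. Whether a later validation rule rejects it is not visible in this diff; if none does, downstream code that indexes each contact as an array would hit the same type problem this guard avoids. Consider dropping the element before skipping, `if (!is_array($contact)) { unset($input['contacts'][$key]); continue; }`, or rejecting the request outright. The loop and its enclosing method start and end outside the hunk.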