]> BookStack Code Mirror - bookstack/blobdiff - app/Http/Controllers/AuditLogController.php
projects / bookstack / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fixes minor vulnerability when using target="_blank" on links (RSPEC-5148)
[bookstack] / app / Http / Controllers / AuditLogController.php
diff --git a/app/Http/Controllers/AuditLogController.php b/app/Http/Controllers/AuditLogController.php
index eb6eecc944ec0ba29567b2147b5d88af4f39d437..f73ee4a20d227e0907ba51b7f07e8273ee580e04 100644 (file)
--- a/app/Http/Controllers/AuditLogController.php
+++ b/app/Http/Controllers/AuditLogController.php
@@ -20,6 +20,7 @@ class AuditLogController extends Controller
             'sort' => $request->get('sort', 'created_at'),
             'date_from' => $request->get('date_from', ''),
             'date_to' => $request->get('date_to', ''),
+            'user' => $request->get('user', ''),
         ];
 
         $query = Activity::query()
@@ -34,6 +35,9 @@ class AuditLogController extends Controller
         if ($listDetails['event']) {
             $query->where('type', '=', $listDetails['event']);
         }
+        if ($listDetails['user']) {
+            $query->where('user_id', '=', $listDetails['user']);
+        }
 
         if ($listDetails['date_from']) {
             $query->where('created_at', '>=', $listDetails['date_from']);
The core source code for the BookStack project.