X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/c429cf78187e80deb63982a282a1c6889f30291a..refs/pull/3630/head:/app/Http/Controllers/Api/PageApiController.php

diff --git a/app/Http/Controllers/Api/PageApiController.php b/app/Http/Controllers/Api/PageApiController.php
index f698627a7..9749985a5 100644
--- a/app/Http/Controllers/Api/PageApiController.php
+++ b/app/Http/Controllers/Api/PageApiController.php
@@ -12,24 +12,24 @@ use Illuminate\Http\Request;
 
 class PageApiController extends ApiController
 {
-    protected $pageRepo;
+    protected PageRepo $pageRepo;
 
     protected $rules = [
         'create' => [
-            'book_id'    => 'required_without:chapter_id|integer',
-            'chapter_id' => 'required_without:book_id|integer',
-            'name'       => 'required|string|max:255',
-            'html'       => 'required_without:markdown|string',
-            'markdown'   => 'required_without:html|string',
-            'tags'       => 'array',
+            'book_id'    => ['required_without:chapter_id', 'integer'],
+            'chapter_id' => ['required_without:book_id', 'integer'],
+            'name'       => ['required', 'string', 'max:255'],
+            'html'       => ['required_without:markdown', 'string'],
+            'markdown'   => ['required_without:html', 'string'],
+            'tags'       => ['array'],
         ],
         'update' => [
-            'book_id'    => 'required|integer',
-            'chapter_id' => 'required|integer',
-            'name'       => 'string|min:1|max:255',
-            'html'       => 'string',
-            'markdown'   => 'string',
-            'tags'       => 'array',
+            'book_id'    => ['integer'],
+            'chapter_id' => ['integer'],
+            'name'       => ['string', 'min:1', 'max:255'],
+            'html'       => ['string'],
+            'markdown'   => ['string'],
+            'tags'       => ['array'],
         ],
     ];
 
@@ -103,6 +103,8 @@ class PageApiController extends ApiController
      */
     public function update(Request $request, string $id)
     {
+        $requestData = $this->validate($request, $this->rules['update']);
+
         $page = $this->pageRepo->getById($id, []);
         $this->checkOwnablePermission('page-update', $page);
 
@@ -127,7 +129,7 @@ class PageApiController extends ApiController
             }
         }
 
-        $updatedPage = $this->pageRepo->update($page, $request->all());
+        $updatedPage = $this->pageRepo->update($page, $requestData);
 
         return response()->json($updatedPage->forJsonDisplay());
     }