From 08f9a8c5eea003d16931ae1503540d2691be376c Mon Sep 17 00:00:00 2001
From: Shreyash Pawar
Date: Thu, 10 Oct 2024 08:26:10 +0530
Subject: [PATCH] added validation #7359
---
 app/Actions/AttemptToAuthenticateSocialite.php | 8 ++++++--
 .../ContactRelationshipsController.php | 15 +++++++++++++++
 2 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/app/Actions/AttemptToAuthenticateSocialite.php b/app/Actions/AttemptToAuthenticateSocialite.php
index 2b5118886a0..053dd62d30e 100644
--- a/app/Actions/AttemptToAuthenticateSocialite.php
+++ b/app/Actions/AttemptToAuthenticateSocialite.php
@@ -124,10 +124,14 @@ private function getUserOrCreate(SocialiteUser $socialite): User
 private function createUser(SocialiteUser $socialite): User
 {
 $names = Str::of($socialite->getName())->split('/ /', 2);
+ $names = Str::of($socialite->getName())->split('/ /', 2);
+
+ $firstName = addslashes($names[0]);
+ $lastName = addslashes($names[1] ?? $names[0]);
 $data = [
 'email' => $socialite->getEmail(),
- 'first_name' => $names[0],
- 'last_name' => $names[1] ?? $names[0],
+ 'first_name' => $firstName,
+ 'last_name' => $lastName,
 'terms' => true,
 ];
diff --git a/app/Domains/Contact/ManageRelationships/Web/Controllers/ContactRelationshipsController.php b/app/Domains/Contact/ManageRelationships/Web/Controllers/ContactRelationshipsController.php
index 0877a8e36eb..de8f7746a1a 100644
--- a/app/Domains/Contact/ManageRelationships/Web/Controllers/ContactRelationshipsController.php
+++ b/app/Domains/Contact/ManageRelationships/Web/Controllers/ContactRelationshipsController.php
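Review bot: `addslashes()` in `createUser` (app/Actions/AttemptToAuthenticateSocialite.php) is not input validation, and it permanently alters the stored name: a provider name such as O'Brien would be saved with a literal backslash, and every later read returns that escaped value. Assuming the user is persisted through Laravel's bound query parameters, as is usual, SQL injection is already covered there, and HTML escaping belongs at render time, so the array entries should stay `'first_name' => $names[0],` and `'last_name' => $names[1] ?? $names[0],`. The added `$names = Str::of(...)` line also repeats the context line directly above it and should be dropped. The body of createUser continues past the end of the hunk.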
@@ -31,6 +31,21 @@ public function create(Request $request, string $vaultId, string $contactId)
 public function store(Request $request, string $vaultId, string $contactId)
 {
+
+ $request->validate([
+ 'first_name' => 'required|string|max:255',
+ 'last_name' => 'nullable|string|max:255',
+ 'middle_name' => 'nullable|string|max:255',
+ 'nickname' => 'nullable|string|max:255',
+ 'maiden_name' => 'nullable|string|max:255',
+ 'gender_id' => 'nullable|integer|exists:genders,id', // Assuming gender_id refers to a foreign key
+ 'pronoun_id' => 'nullable|integer|exists:pronouns,id', // Assuming pronoun_id refers to a foreign key
+ 'relationship_type_id' => 'required|integer|exists:relationship_types,id', // Assuming relationship_type_id refers to a foreign key
+ 'create_contact_entry' => 'nullable|boolean',
+ 'base_contact_id' => 'required|integer|exists:contacts,id',
+ 'other_contact_id' => 'nullable|array', // Assuming multiple contacts might be selected
+ 'other_contact_id.*' => 'integer|exists:contacts,id', // Validating each contact ID
+ ]);
 // This is a complex controller method, sorry about that, future reader
 // It's complex because the form is really complex and can lead to
 // many different scenarios
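Review bot: The `exists:contacts,id` rules on `base_contact_id` and `other_contact_id.*` in `store()` only prove that a row with that id exists somewhere in the table, not that it belongs to the vault named in the route. They therefore give no authorization, and the validation error lets a caller tell existing ids from missing ones across vaults. Scope them to the vault, e.g. `'base_contact_id' => ['required', Rule::exists('contacts', 'id')->where('vault_id', $vaultId)],` (column name assumed; confirm against the schema), and keep whatever ownership check the rest of the method performs. The `integer` rules also look unverified: `$vaultId` and `$contactId` are typed `string` and several rules carry "Assuming ..." comments, so confirm the id types and the shape of `other_contact_id` before merging, otherwise valid submissions may be rejected. The body of store() continues outside the hunk.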