maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

automatically trim() all parameters given

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2018-02-26 08:21:56 +01:00
parent 4a1decf359
commit 592c9ed0b9
6 changed files with 35 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/classes/api/abstract.ApiCommand.php
View File

@@ -106,6 +106,10 @@ abstract class ApiCommand
$this->version = $version; $this->version = $version;
$this->dbversion = $dbversion; $this->dbversion = $dbversion;
$this->branding = $branding; $this->branding = $branding;
if (! is_null($params)) {
$params = $this->trimArray($params);
}
$this->cmd_params = $params; $this->cmd_params = $params;
if (! empty($header)) { if (! empty($header)) {
$this->readUserData($header); $this->readUserData($header);
@@ -463,4 +467,15 @@ abstract class ApiCommand
} }
throw new Exception("Invalid API credentials", 400); throw new Exception("Invalid API credentials", 400);
} }
private function trimArray($input)
{
if (! is_array($input)) {
return trim($input);
}
return array_map(array(
$this,
'trimArray'
), $input);
}
} }

8
lib/classes/api/commands/class.Admins.php
View File

@@ -63,7 +63,7 @@ class Admins extends ApiCommand implements ResourceEntity
{ {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$ln_optional = ($id <= 0 ? false : true); $ln_optional = ($id <= 0 ? false : true);
$loginname = trim($this->getParam('loginname', $ln_optional, '')); $loginname = $this->getParam('loginname', $ln_optional, '');
if ($this->isAdmin() && ($this->getUserDetail('change_serversettings') == 1 || ($this->getUserDetail('adminid') == $id || $this->getUserDetail('loginname') == $loginname))) { if ($this->isAdmin() && ($this->getUserDetail('change_serversettings') == 1 || ($this->getUserDetail('adminid') == $id || $this->getUserDetail('loginname') == $loginname))) {
$result_stmt = Database::prepare(" $result_stmt = Database::prepare("
@@ -314,7 +314,7 @@ class Admins extends ApiCommand implements ResourceEntity
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$ln_optional = ($id <= 0 ? false : true); $ln_optional = ($id <= 0 ? false : true);
$loginname = trim($this->getParam('loginname', $ln_optional, '')); $loginname = $this->getParam('loginname', $ln_optional, '');
$json_result = Admins::getLocal($this->getUserData(), array( $json_result = Admins::getLocal($this->getUserData(), array(
'id' => $id, 'id' => $id,
@@ -582,7 +582,7 @@ class Admins extends ApiCommand implements ResourceEntity
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$ln_optional = ($id <= 0 ? false : true); $ln_optional = ($id <= 0 ? false : true);
$loginname = trim($this->getParam('loginname', $ln_optional, '')); $loginname = $this->getParam('loginname', $ln_optional, '');
$json_result = Admins::getLocal($this->getUserData(), array( $json_result = Admins::getLocal($this->getUserData(), array(
'id' => $id, 'id' => $id,
@@ -659,7 +659,7 @@ class Admins extends ApiCommand implements ResourceEntity
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$ln_optional = ($id <= 0 ? false : true); $ln_optional = ($id <= 0 ? false : true);
$loginname = trim($this->getParam('loginname', $ln_optional, '')); $loginname = $this->getParam('loginname', $ln_optional, '');
$json_result = Admins::getLocal($this->getUserData(), array( $json_result = Admins::getLocal($this->getUserData(), array(
'id' => $id, 'id' => $id,

21
lib/classes/api/commands/class.Customers.php
View File

@@ -70,7 +70,7 @@ class Customers extends ApiCommand implements ResourceEntity
{ {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$ln_optional = ($id <= 0 ? false : true); $ln_optional = ($id <= 0 ? false : true);
$loginname = trim($this->getParam('loginname', $ln_optional, '')); $loginname = $this->getParam('loginname', $ln_optional, '');
if ($this->isAdmin()) { if ($this->isAdmin()) {
$result_stmt = Database::prepare(" $result_stmt = Database::prepare("
@@ -208,18 +208,7 @@ class Customers extends ApiCommand implements ResourceEntity
standard_error('youcantallocatemorethanyouhave', '', true); standard_error('youcantallocatemorethanyouhave', '', true);
} }
// Either $name and $firstname or the $company must be inserted if ($email == '') {
if ($name == '' && $company == '') {
standard_error(array(
'stringisempty',
'myname'
), '', true);
} elseif ($firstname == '' && $company == '') {
standard_error(array(
'stringisempty',
'myfirstname'
), '', true);
} elseif ($email == '') {
standard_error(array( standard_error(array(
'stringisempty', 'stringisempty',
'emailadd' 'emailadd'
@@ -680,7 +669,7 @@ class Customers extends ApiCommand implements ResourceEntity
{ {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$ln_optional = ($id <= 0 ? false : true); $ln_optional = ($id <= 0 ? false : true);
$loginname = trim($this->getParam('loginname', $ln_optional, '')); $loginname = $this->getParam('loginname', $ln_optional, '');
$json_result = Customers::getLocal($this->getUserData(), array( $json_result = Customers::getLocal($this->getUserData(), array(
'id' => $id, 'id' => $id,
@@ -1212,7 +1201,7 @@ class Customers extends ApiCommand implements ResourceEntity
if ($this->isAdmin()) { if ($this->isAdmin()) {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$ln_optional = ($id <= 0 ? false : true); $ln_optional = ($id <= 0 ? false : true);
$loginname = trim($this->getParam('loginname', $ln_optional, '')); $loginname = $this->getParam('loginname', $ln_optional, '');
$delete_userfiles = $this->getParam('delete_userfiles', true, 0); $delete_userfiles = $this->getParam('delete_userfiles', true, 0);
$json_result = Customers::getLocal($this->getUserData(), array( $json_result = Customers::getLocal($this->getUserData(), array(
@@ -1454,7 +1443,7 @@ class Customers extends ApiCommand implements ResourceEntity
if ($this->isAdmin()) { if ($this->isAdmin()) {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$ln_optional = ($id <= 0 ? false : true); $ln_optional = ($id <= 0 ? false : true);
$loginname = trim($this->getParam('loginname', $ln_optional, '')); $loginname = $this->getParam('loginname', $ln_optional, '');
$json_result = Customers::getLocal($this->getUserData(), array( $json_result = Customers::getLocal($this->getUserData(), array(
'id' => $id, 'id' => $id,

14
lib/classes/api/commands/class.Domains.php
View File

@@ -73,7 +73,7 @@ class Domains extends ApiCommand implements ResourceEntity
if ($this->isAdmin()) { if ($this->isAdmin()) {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$dn_optional = ($id <= 0 ? false : true); $dn_optional = ($id <= 0 ? false : true);
$domainname = trim($this->getParam('domainname', $dn_optional, '')); $domainname = $this->getParam('domainname', $dn_optional, '');
$no_std_subdomain = $this->getParam('no_std_subdomain', true, false); $no_std_subdomain = $this->getParam('no_std_subdomain', true, false);
// convert possible idn domain to punycode // convert possible idn domain to punycode
@@ -131,8 +131,8 @@ class Domains extends ApiCommand implements ResourceEntity
$speciallogfile = $this->getParam('speciallogfile', true, 0); $speciallogfile = $this->getParam('speciallogfile', true, 0);
$aliasdomain = intval($this->getParam('alias', true, 0)); $aliasdomain = intval($this->getParam('alias', true, 0));
$issubof = intval($this->getParam('issubof', true, 0)); $issubof = intval($this->getParam('issubof', true, 0));
$registration_date = trim($this->getParam('registration_date', true, '')); $registration_date = $this->getParam('registration_date', true, '');
$termination_date = trim($this->getParam('termination_date', true, '')); $termination_date = $this->getParam('termination_date', true, '');
$caneditdomain = $this->getParam('caneditdomain', true, 0); $caneditdomain = $this->getParam('caneditdomain', true, 0);
$isbinddomain = $this->getParam('isbinddomain', true, 0); $isbinddomain = $this->getParam('isbinddomain', true, 0);
$zonefile = $this->getParam('zonefile', true, ''); $zonefile = $this->getParam('zonefile', true, '');
@@ -774,7 +774,7 @@ class Domains extends ApiCommand implements ResourceEntity
// parameters // parameters
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$dn_optional = ($id <= 0 ? false : true); $dn_optional = ($id <= 0 ? false : true);
$domainname = trim($this->getParam('domainname', $dn_optional, '')); $domainname = $this->getParam('domainname', $dn_optional, '');
// get requested domain // get requested domain
$json_result = Domains::getLocal($this->getUserData(), array( $json_result = Domains::getLocal($this->getUserData(), array(
@@ -799,8 +799,8 @@ class Domains extends ApiCommand implements ResourceEntity
$speciallogverified = $this->getParam('speciallogverified', true, 0); $speciallogverified = $this->getParam('speciallogverified', true, 0);
$aliasdomain = intval($this->getParam('alias', true, $result['aliasdomain'])); $aliasdomain = intval($this->getParam('alias', true, $result['aliasdomain']));
$issubof = intval($this->getParam('issubof', true, $result['ismainbutsubto'])); $issubof = intval($this->getParam('issubof', true, $result['ismainbutsubto']));
$registration_date = trim($this->getParam('registration_date', true, $result['registration_date'])); $registration_date = $this->getParam('registration_date', true, $result['registration_date']);
$termination_date = trim($this->getParam('termination_date', true, $result['termination_date'])); $termination_date = $this->getParam('termination_date', true, $result['termination_date']);
$caneditdomain = $this->getParam('caneditdomain', true, $result['caneditdomain']); $caneditdomain = $this->getParam('caneditdomain', true, $result['caneditdomain']);
$isbinddomain = $this->getParam('isbinddomain', true, $result['isbinddomain']); $isbinddomain = $this->getParam('isbinddomain', true, $result['isbinddomain']);
$zonefile = $this->getParam('zonefile', true, $result['zonefile']); $zonefile = $this->getParam('zonefile', true, $result['zonefile']);
@@ -1587,7 +1587,7 @@ class Domains extends ApiCommand implements ResourceEntity
if ($this->isAdmin()) { if ($this->isAdmin()) {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$dn_optional = ($id <= 0 ? false : true); $dn_optional = ($id <= 0 ? false : true);
$domainname = trim($this->getParam('domainname', $dn_optional, '')); $domainname = $this->getParam('domainname', $dn_optional, '');
$is_stdsubdomain = $this->getParam('is_stdsubdomain', true, 0); $is_stdsubdomain = $this->getParam('is_stdsubdomain', true, 0);
$remove_subbutmain_domains = $this->getParam('delete_mainsubdomains', true, 0); $remove_subbutmain_domains = $this->getParam('delete_mainsubdomains', true, 0);

2
lib/classes/api/commands/class.Ftps.php
View File

@@ -37,7 +37,7 @@ class Ftps extends ApiCommand implements ResourceEntity
{ {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$un_optional = ($id <= 0 ? false : true); $un_optional = ($id <= 0 ? false : true);
$username = trim($this->getParam('username', $un_optional, '')); $username = $this->getParam('username', $un_optional, '');
$params = array(); $params = array();
if ($this->isAdmin()) { if ($this->isAdmin()) {

6
lib/classes/api/commands/class.Mysqls.php
View File

@@ -238,7 +238,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
{ {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$dn_optional = ($id <= 0 ? false : true); $dn_optional = ($id <= 0 ? false : true);
$dbname = trim($this->getParam('dbname', $dn_optional, '')); $dbname = $this->getParam('dbname', $dn_optional, '');
$dbserver = $this->getParam('mysql_server', true, - 1); $dbserver = $this->getParam('mysql_server', true, - 1);
if ($this->isAdmin()) { if ($this->isAdmin()) {
@@ -337,7 +337,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
{ {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$dn_optional = ($id <= 0 ? false : true); $dn_optional = ($id <= 0 ? false : true);
$dbname = trim($this->getParam('dbname', $dn_optional, '')); $dbname = $this->getParam('dbname', $dn_optional, '');
$dbserver = $this->getParam('mysql_server', true, - 1); $dbserver = $this->getParam('mysql_server', true, - 1);
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'mysql')) { if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'mysql')) {
@@ -541,7 +541,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
{ {
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$dn_optional = ($id <= 0 ? false : true); $dn_optional = ($id <= 0 ? false : true);
$dbname = trim($this->getParam('dbname', $dn_optional, '')); $dbname = $this->getParam('dbname', $dn_optional, '');
$dbserver = $this->getParam('mysql_server', true, - 1); $dbserver = $this->getParam('mysql_server', true, - 1);
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'mysql')) { if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'mysql')) {