use Request-wrapper-class for every access to superglobal

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
Michael Kaufmann
2024-05-16 08:30:35 +02:00
parent a602865fee
commit c89d320957
2 changed files with 26 additions and 26 deletions


@@ -449,25 +449,20 @@ if ($action == '2fa_entercode') {
} }
// Pass the last used page if needed // Pass the last used page if needed
$lastscript = ""; $lastscript = Request::any('script', '');
if (isset($_REQUEST['script']) && $_REQUEST['script'] != "") { if (!empty($lastscript)) {
$lastscript = $_REQUEST['script'];
$lastscript = str_replace("..", "", $lastscript); $lastscript = str_replace("..", "", $lastscript);
$lastscript = htmlspecialchars($lastscript, ENT_QUOTES); $lastscript = htmlspecialchars($lastscript, ENT_QUOTES);
if (!file_exists(__DIR__ . "/" . $lastscript)) { if (file_exists(__DIR__ . "/" . $lastscript)) {
$_SESSION['lastscript'] = $lastscript;
} else {
$lastscript = ""; $lastscript = "";
} }
} }
$lastqrystr = ""; $lastqrystr = Request::any('qrystr', '');
if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") {
$lastqrystr = urlencode($_REQUEST['qrystr']);
}
if (!empty($lastscript)) {
$_SESSION['lastscript'] = $lastscript;
}
if (!empty($lastqrystr)) { if (!empty($lastqrystr)) {
$lastqrystr = urlencode($lastqrystr);
$_SESSION['lastqrystr'] = $lastqrystr; $_SESSION['lastqrystr'] = $lastqrystr;
} }
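Review bot: The redirect target taken from `script` is accepted on `file_exists(__DIR__ . "/" . $lastscript)` alone, which is also true for directories and for any other file below the install directory, so `$_SESSION['lastscript']` is not restricted to the panel's entry scripts. A tighter guard would be `if (is_string($lastscript) && is_file(__DIR__ . '/' . $lastscript)) {`, ideally combined with a comparison against a fixed list of scripts a user may be returned to after login. `htmlspecialchars()` runs before the filesystem check, so the path is tested in its HTML-encoded form; that encoding belongs at the point where the value is written into markup. What `Request::any()` returns for an array-valued parameter is not visible on this page, hence the `is_string()` part. The enclosing block starts before this hunk.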


@@ -65,7 +65,8 @@ class Pagination
int $perPage = 20, int $perPage = 20,
array $default_sorting = [], array $default_sorting = [],
array $pagination_additional_params = [] array $pagination_additional_params = []
) { )
{
$this->fields = $fields; $this->fields = $fields;
$this->entries = $total_entries; $this->entries = $total_entries;
$this->perPage = $perPage; $this->perPage = $perPage;
@@ -80,12 +81,13 @@ class Pagination
$orderfields = array_keys($fields); $orderfields = array_keys($fields);
$this->searchfield = $orderfields[0]; $this->searchfield = $orderfields[0];
} }
if (isset($_REQUEST['searchtext']) && (preg_match('/[-_@\p{L}\p{N}*.]+$/u', $searchtext = Request::any('searchtext');
$_REQUEST['searchtext']) || $_REQUEST['searchtext'] === '')) { if (isset($searchtext) && (preg_match('/[-_@\p{L}\p{N}*.]+$/u', $searchtext) || $searchtext === '')) {
$this->searchtext = trim($_REQUEST['searchtext']); $this->searchtext = trim($searchtext);
} }
if (isset($_REQUEST['searchfield']) && isset($fields[$_REQUEST['searchfield']])) { $searchfield = Request::any('searchfield');
$this->searchfield = $_REQUEST['searchfield']; if (isset($searchfield) && isset($fields[$searchfield])) {
$this->searchfield = $searchfield;
} }
if (!empty($this->searchtext) && !empty($this->searchfield)) { if (!empty($this->searchtext) && !empty($this->searchfield)) {
$this->addSearch($this->searchtext, $this->searchfield); $this->addSearch($this->searchtext, $this->searchfield);
@@ -94,11 +96,13 @@ class Pagination
} }
// check other ordering requests // check other ordering requests
if (isset($_REQUEST['sortorder']) && (strtolower($_REQUEST['sortorder']) == 'desc' || strtolower($_REQUEST['sortorder']) == 'asc')) { $sortorder = Request::any('sortorder');
$this->sortorder = strtoupper($_REQUEST['sortorder']); if (!empty($sortorder) && (strtolower($sortorder) == 'desc' || strtolower($sortorder) == 'asc')) {
$this->sortorder = strtoupper($sortorder);
} }
if (isset($_REQUEST['sortfield']) && isset($fields[$_REQUEST['sortfield']])) { $sortfield = Request::any('sortfield');
$this->sortfield = $_REQUEST['sortfield']; if (!empty($sortfield) && isset($fields[$sortfield])) {
$this->sortfield = $sortfield;
$this->addOrderBy($this->sortfield, $this->sortorder); $this->addOrderBy($this->sortfield, $this->sortorder);
} else { } else {
// add default ordering by given order // add default ordering by given order
@@ -118,8 +122,9 @@ class Pagination
} }
// check current page / pages // check current page / pages
if (isset($_REQUEST['pageno']) && intval($_REQUEST['pageno']) != 0) { $pageno = Request::any('pageno');
$this->pageno = intval($_REQUEST['pageno']); if (!empty($pageno) && intval($pageno) != 0) {
$this->pageno = intval($pageno);
} }
if (($this->pageno - 1) * Settings::Get('panel.paging') > $this->entries) { if (($this->pageno - 1) * Settings::Get('panel.paging') > $this->entries) {
$this->pageno = 1; $this->pageno = 1;
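Review bot: The search-text check in the second hunk, `preg_match('/[-_@\p{L}\p{N}*.]+$/u', $searchtext)`, has no start anchor, so it only requires the value to end in an allowed character and lets any prefix through to `addSearch()`. If the class is meant to describe the whole value, anchor both ends and test the trimmed string, e.g. `preg_match('/^[-_@\p{L}\p{N}*.]+\z/u', trim($searchtext))` (add a space to the class if multi-word searches are intended). Whether `addSearch()` binds the value as a query parameter is not visible here, so this check should not be treated as the only barrier. The new `$searchtext`, `$searchfield`, `$sortorder`, `$sortfield` and `$pageno` reads are also passed to `preg_match()`, `strtolower()` and array offsets without an `is_string()` check; the return type of `Request::any()` is not shown on this page. The constructor begins and ends outside these hunks.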