use Request-wrapper-class for every access to superglobal
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
19
index.php
19
index.php
@@ -449,25 +449,20 @@ if ($action == '2fa_entercode') {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Pass the last used page if needed
|
// Pass the last used page if needed
|
||||||
$lastscript = "";
|
$lastscript = Request::any('script', '');
|
||||||
if (isset($_REQUEST['script']) && $_REQUEST['script'] != "") {
|
if (!empty($lastscript)) {
|
||||||
$lastscript = $_REQUEST['script'];
|
|
||||||
$lastscript = str_replace("..", "", $lastscript);
|
$lastscript = str_replace("..", "", $lastscript);
|
||||||
$lastscript = htmlspecialchars($lastscript, ENT_QUOTES);
|
$lastscript = htmlspecialchars($lastscript, ENT_QUOTES);
|
||||||
|
|
||||||
if (!file_exists(__DIR__ . "/" . $lastscript)) {
|
if (file_exists(__DIR__ . "/" . $lastscript)) {
|
||||||
|
$_SESSION['lastscript'] = $lastscript;
|
||||||
|
} else {
|
||||||
$lastscript = "";
|
$lastscript = "";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$lastqrystr = "";
|
$lastqrystr = Request::any('qrystr', '');
|
||||||
if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") {
|
|
||||||
$lastqrystr = urlencode($_REQUEST['qrystr']);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!empty($lastscript)) {
|
|
||||||
$_SESSION['lastscript'] = $lastscript;
|
|
||||||
}
|
|
||||||
if (!empty($lastqrystr)) {
|
if (!empty($lastqrystr)) {
|
||||||
|
$lastqrystr = urlencode($lastqrystr);
|
||||||
$_SESSION['lastqrystr'] = $lastqrystr;
|
$_SESSION['lastqrystr'] = $lastqrystr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
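Review bot: The `file_exists(__DIR__ . "/" . $lastscript)` check in the new `if (!empty($lastscript))` block is also true for directories and for any non-script file below the install directory, so it does not establish that the request value names a panel entry script before it is written to `$_SESSION['lastscript']`. Comparing against a fixed list and using `is_file()` would, e.g. `if (in_array($lastscript, $allowedScripts, true) && is_file(__DIR__ . "/" . $lastscript)) {`, where `$allowedScripts` is a list this file would have to define. `htmlspecialchars()` also runs before the filesystem check, so the path that is tested and stored is the HTML-encoded string; output encoding belongs where the value is emitted, not where it is validated. How the session value is consumed after login is outside this hunk, so the impact of a non-script path is inferred rather than shown.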
@@ -61,11 +61,12 @@ class Pagination
|
|||||||
*/
|
*/
|
||||||
public function __construct(
|
public function __construct(
|
||||||
array $fields = [],
|
array $fields = [],
|
||||||
int $total_entries = 0,
|
int $total_entries = 0,
|
||||||
int $perPage = 20,
|
int $perPage = 20,
|
||||||
array $default_sorting = [],
|
array $default_sorting = [],
|
||||||
array $pagination_additional_params = []
|
array $pagination_additional_params = []
|
||||||
) {
|
)
|
||||||
|
{
|
||||||
$this->fields = $fields;
|
$this->fields = $fields;
|
||||||
$this->entries = $total_entries;
|
$this->entries = $total_entries;
|
||||||
$this->perPage = $perPage;
|
$this->perPage = $perPage;
|
||||||
@@ -80,12 +81,13 @@ class Pagination
|
|||||||
$orderfields = array_keys($fields);
|
$orderfields = array_keys($fields);
|
||||||
$this->searchfield = $orderfields[0];
|
$this->searchfield = $orderfields[0];
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['searchtext']) && (preg_match('/[-_@\p{L}\p{N}*.]+$/u',
|
$searchtext = Request::any('searchtext');
|
||||||
$_REQUEST['searchtext']) || $_REQUEST['searchtext'] === '')) {
|
if (isset($searchtext) && (preg_match('/[-_@\p{L}\p{N}*.]+$/u', $searchtext) || $searchtext === '')) {
|
||||||
$this->searchtext = trim($_REQUEST['searchtext']);
|
$this->searchtext = trim($searchtext);
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['searchfield']) && isset($fields[$_REQUEST['searchfield']])) {
|
$searchfield = Request::any('searchfield');
|
||||||
$this->searchfield = $_REQUEST['searchfield'];
|
if (isset($searchfield) && isset($fields[$searchfield])) {
|
||||||
|
$this->searchfield = $searchfield;
|
||||||
}
|
}
|
||||||
if (!empty($this->searchtext) && !empty($this->searchfield)) {
|
if (!empty($this->searchtext) && !empty($this->searchfield)) {
|
||||||
$this->addSearch($this->searchtext, $this->searchfield);
|
$this->addSearch($this->searchtext, $this->searchfield);
|
||||||
@@ -94,11 +96,13 @@ class Pagination
|
|||||||
}
|
}
|
||||||
|
|
||||||
// check other ordering requests
|
// check other ordering requests
|
||||||
if (isset($_REQUEST['sortorder']) && (strtolower($_REQUEST['sortorder']) == 'desc' || strtolower($_REQUEST['sortorder']) == 'asc')) {
|
$sortorder = Request::any('sortorder');
|
||||||
$this->sortorder = strtoupper($_REQUEST['sortorder']);
|
if (!empty($sortorder) && (strtolower($sortorder) == 'desc' || strtolower($sortorder) == 'asc')) {
|
||||||
|
$this->sortorder = strtoupper($sortorder);
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['sortfield']) && isset($fields[$_REQUEST['sortfield']])) {
|
$sortfield = Request::any('sortfield');
|
||||||
$this->sortfield = $_REQUEST['sortfield'];
|
if (!empty($sortfield) && isset($fields[$sortfield])) {
|
||||||
|
$this->sortfield = $sortfield;
|
||||||
$this->addOrderBy($this->sortfield, $this->sortorder);
|
$this->addOrderBy($this->sortfield, $this->sortorder);
|
||||||
} else {
|
} else {
|
||||||
// add default ordering by given order
|
// add default ordering by given order
|
||||||
@@ -118,8 +122,9 @@ class Pagination
|
|||||||
}
|
}
|
||||||
|
|
||||||
// check current page / pages
|
// check current page / pages
|
||||||
if (isset($_REQUEST['pageno']) && intval($_REQUEST['pageno']) != 0) {
|
$pageno = Request::any('pageno');
|
||||||
$this->pageno = intval($_REQUEST['pageno']);
|
if (!empty($pageno) && intval($pageno) != 0) {
|
||||||
|
$this->pageno = intval($pageno);
|
||||||
}
|
}
|
||||||
if (($this->pageno - 1) * Settings::Get('panel.paging') > $this->entries) {
|
if (($this->pageno - 1) * Settings::Get('panel.paging') > $this->entries) {
|
||||||
$this->pageno = 1;
|
$this->pageno = 1;
|
||||||
|
|||||||
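Review bot: The pattern `'/[-_@\p{L}\p{N}*.]+$/u'` in the second hunk has no start anchor, so `$searchtext` passes whenever its last characters are in the allowed set and everything before them reaches `addSearch()` unchecked; the commit carries this over unchanged. Anchoring it, `preg_match('/^[-_@\p{L}\p{N}*.]+$/Du', $searchtext)`, makes the whole value conform, and the `D` modifier stops `$` from matching before a trailing newline. The check runs before `trim()`, so trim first if values with surrounding whitespace should stay acceptable once the pattern is anchored. If `Request::any()` can return an array (its implementation is not visible here), `is_string($searchtext)` should replace `isset($searchtext)`, since `preg_match()` and `trim()` throw a TypeError for an array on PHP 8. The constructor continues outside these hunks and `addSearch()`'s query handling is not shown, so the downstream impact is inferred.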