maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

use Request-wrapper-class for every access to $_POST superglobal

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2024-05-09 15:48:23 +02:00
parent 914204b483
commit fce310049a
42 changed files with 303 additions and 254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
customer_mysql.php
View File

@@ -123,9 +123,9 @@ if ($page == 'overview' || $page == 'mysqls') {
$result['dbserver'] = 0;
}
if (isset($_POST['send']) && $_POST['send'] == 'send') {
if (Request::post('send') == 'send') {
try {
Mysqls::getLocal($userinfo, $_POST)->delete();
Mysqls::getLocal($userinfo, Request::postAll())->delete();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
@@ -146,9 +146,9 @@ if ($page == 'overview' || $page == 'mysqls') {
}
} elseif ($action == 'add') {
if ($userinfo['mysqls_used'] < $userinfo['mysqls'] || $userinfo['mysqls'] == '-1') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
if (Request::post('send') == 'send') {
try {
Mysqls::getLocal($userinfo, $_POST)->add();
Mysqls::getLocal($userinfo, Request::postAll())->add();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
@@ -186,9 +186,9 @@ if ($page == 'overview' || $page == 'mysqls') {
$result = json_decode($json_result, true)['data'];
if (isset($result['databasename']) && $result['databasename'] != '') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
if (Request::post('send') == 'send') {
try {
$json_result = Mysqls::getLocal($userinfo, $_POST)->update();
$json_result = Mysqls::getLocal($userinfo, Request::postAll())->update();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
@@ -223,9 +223,9 @@ if ($page == 'overview' || $page == 'mysqls') {
Response::dynamicError('No permission');
}
if (isset($_POST['send']) && $_POST['send'] == 'send') {
if (Request::post('send') == 'send') {
$new_password = Crypt::validatePassword($_POST['mysql_password']);
$new_password = Crypt::validatePassword(Request::post('mysql_password'));
foreach ($allowed_mysqlservers as $dbserver) {
// require privileged access for target db-server
Database::needRoot(true, $dbserver, false);