gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-03-11 00:15:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

- do not use sanitizeString() if not needed

Browse Source
This commit is contained in:
steinm 2011-12-01 21:35:00 +00:00
parent 112d2b4f0d
commit 57777f2498
1 changed files with 183 additions and 195 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
op/op.UserDefaultKeywords.php
View File

@ -27,40 +27,35 @@ if ($user->isGuest()) {
UI::exitError(getMLText("edit_default_keywords"),getMLText("access_denied"));
}
if (isset($_POST["action"])) {
$action = sanitizeString($_POST["action"]);
}
else {
$action = sanitizeString($_GET["action"]);
$action = '';
if (isset($_REQUEST["action"])) {
$action = $_REQUEST["action"];
}
//Neue Kategorie anlegen -----------------------------------------------------------------------------
/* Create new category ------------------------------------------------ */
if ($action == "addcategory") {
if (isset($_POST["name"])) {
$name = sanitizeString($_POST["name"]);
}
else {
$name = sanitizeString($_GET["name"]);
}
if (isset($_REQUEST["name"]) && $_REQUEST["name"]) {
$name = sanitizeString($_REQUEST["name"]);
$newCategory = $dms->addKeywordCategory($user->getID(), $name);
if (!$newCategory) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
$categoryid=$newCategory->getID();
} else {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
}
//Kategorie löschen ----------------------------------------------------------------------------------
/* Delete category ---------------------------------------------------- */
else if ($action == "removecategory") {
if (isset($_POST["categoryid"])) {
$categoryid = 0;
if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
$categoryid = intval($_POST["categoryid"]);
}
else {
$categoryid = intval($_GET["categoryid"]);
}
$category = $dms->getKeywordCategory($categoryid);
if (is_object($category)) {
$owner = $category->getOwner();
@ -70,49 +65,45 @@ else if ($action == "removecategory") {
if (!$category->remove()) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
} else {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
else UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
$categoryid=-1;
}
//Kategorie bearbeiten: Neuer Name --------------------------------------------------------------------
/* Edit category: new name -------------------------------------------- */
else if ($action == "editcategory") {
if (isset($_POST["categoryid"])) {
$categoryid = 0;
if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
$categoryid = intval($_POST["categoryid"]);
}
else {
$categoryid = intval($_GET["categoryid"]);
}
$category = $dms->getKeywordCategory($categoryid);
if (is_object($category)) {
$owner = $category->getOwner();
if ($owner->getID() != $user->getID()) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("access_denied"));
}
if (isset($_POST["name"])) {
$name = sanitizeString($_POST["name"]);
}
else {
$name = sanitizeString($_GET["name"]);
}
if (isset($_REQUEST["name"]) && $_REQUEST["name"]) {
$name = sanitizeString($_REQUEST["name"]);
if (!$category->setName($name)) {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
} else {
UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
}
else UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
//Kategorie bearbeiten: Neue Stichwortliste ----------------------------------------------------------
/* Edit category: new keyword list ----------------------------------- */
else if ($action == "newkeywords") {
if (isset($_POST["categoryid"])) {
$categoryid = 0;
if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
$categoryid = intval($_POST["categoryid"]);
}
else {
$categoryid = intval($_GET["categoryid"]);
}
$category = $dms->getKeywordCategory($categoryid);
if (is_object($category)) {
$owner = $category->getOwner();
@ -133,15 +124,14 @@ else if ($action == "newkeywords") {
else UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
//Kategorie bearbeiten: Stichwortliste bearbeiten ----------------------------------------------------------
/* Edit category: edit keyword list ----------------------------------*/
else if ($action == "editkeywords") {
if (isset($_POST["categoryid"])) {
$categoryid = 0;
if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
$categoryid = intval($_POST["categoryid"]);
}
else {
$categoryid = intval($_GET["categoryid"]);
}
$category = $dms->getKeywordCategory($categoryid);
if (is_object($category)) {
$owner = $category->getOwner();
@ -166,15 +156,13 @@ else if ($action == "editkeywords") {
else UI::exitError(getMLText("personal_default_keywords"),getMLText("error_occured"));
}
//Kategorie bearbeiten: Neue Stichwortliste löschen ----------------------------------------------------------
/* Edit category: delete keyword list -------------------------------- */
else if ($action == "removekeywords") {
if (isset($_POST["categoryid"])) {
$categoryid = 0;
if (isset($_REQUEST["categoryid"]) && $_REQUEST["categoryid"]) {
$categoryid = intval($_POST["categoryid"]);
}
else {
$categoryid = intval($_GET["categoryid"]);
}
$category = $dms->getKeywordCategory($categoryid);
if (is_object($category)) {
$owner = $category->getOwner();