better checking of passed arguments
parent
e765737d93
commit
578aa30bc5
|
@ -2298,8 +2298,10 @@ class SeedDMS_Core_DMS {
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM `tblKeywordCategories` WHERE `id` = " . (int) $id;
|
$queryStr = "SELECT * FROM `tblKeywordCategories` WHERE `id` = " . (int) $id;
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
if ((is_bool($resArr) && !$resArr) || (count($resArr) != 1))
|
if (is_bool($resArr) && !$resArr)
|
||||||
return false;
|
return false;
|
||||||
|
if (count($resArr) != 1)
|
||||||
|
return null;
|
||||||
|
|
||||||
$resArr = $resArr[0];
|
$resArr = $resArr[0];
|
||||||
$cat = new SeedDMS_Core_Keywordcategory($resArr["id"], $resArr["owner"], $resArr["name"]);
|
$cat = new SeedDMS_Core_Keywordcategory($resArr["id"], $resArr["owner"], $resArr["name"]);
|
||||||
|
@ -2308,10 +2310,15 @@ class SeedDMS_Core_DMS {
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
|
|
||||||
function getKeywordCategoryByName($name, $userID) { /* {{{ */
|
function getKeywordCategoryByName($name, $userID) { /* {{{ */
|
||||||
|
if (!is_numeric($userID) || $userID < 1)
|
||||||
|
return false;
|
||||||
|
$name = trim($name);
|
||||||
$queryStr = "SELECT * FROM `tblKeywordCategories` WHERE `name` = " . $this->db->qstr($name) . " AND `owner` = " . (int) $userID;
|
$queryStr = "SELECT * FROM `tblKeywordCategories` WHERE `name` = " . $this->db->qstr($name) . " AND `owner` = " . (int) $userID;
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
if ((is_bool($resArr) && !$resArr) || (count($resArr) != 1))
|
if (is_bool($resArr) && !$resArr)
|
||||||
return false;
|
return false;
|
||||||
|
if (count($resArr) != 1)
|
||||||
|
return null;
|
||||||
|
|
||||||
$resArr = $resArr[0];
|
$resArr = $resArr[0];
|
||||||
$cat = new SeedDMS_Core_Keywordcategory($resArr["id"], $resArr["owner"], $resArr["name"]);
|
$cat = new SeedDMS_Core_Keywordcategory($resArr["id"], $resArr["owner"], $resArr["name"]);
|
||||||
|
@ -2356,12 +2363,13 @@ class SeedDMS_Core_DMS {
|
||||||
function addKeywordCategory($userID, $name) { /* {{{ */
|
function addKeywordCategory($userID, $name) { /* {{{ */
|
||||||
if (!is_numeric($userID) || $userID < 1)
|
if (!is_numeric($userID) || $userID < 1)
|
||||||
return false;
|
return false;
|
||||||
if(!trim($name))
|
$name = trim($name);
|
||||||
|
if(!$name)
|
||||||
return false;
|
return false;
|
||||||
if (is_object($this->getKeywordCategoryByName(trim($name), $userID))) {
|
if (is_object($this->getKeywordCategoryByName($name, $userID))) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$queryStr = "INSERT INTO `tblKeywordCategories` (`owner`, `name`) VALUES (".(int) $userID.", ".$this->db->qstr(trim($name)).")";
|
$queryStr = "INSERT INTO `tblKeywordCategories` (`owner`, `name`) VALUES (".(int) $userID.", ".$this->db->qstr($name).")";
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
@ -2420,6 +2428,7 @@ class SeedDMS_Core_DMS {
|
||||||
* @return SeedDMS_Core_DocumentCategory|boolean instance of {@link SeedDMS_Core_DocumentCategory}
|
* @return SeedDMS_Core_DocumentCategory|boolean instance of {@link SeedDMS_Core_DocumentCategory}
|
||||||
*/
|
*/
|
||||||
function getDocumentCategoryByName($name) { /* {{{ */
|
function getDocumentCategoryByName($name) { /* {{{ */
|
||||||
|
$name = trim($name);
|
||||||
if (!$name) return false;
|
if (!$name) return false;
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM `tblCategory` where `name`=".$this->db->qstr($name);
|
$queryStr = "SELECT * FROM `tblCategory` where `name`=".$this->db->qstr($name);
|
||||||
|
@ -2435,12 +2444,13 @@ class SeedDMS_Core_DMS {
|
||||||
} /* }}} */
|
} /* }}} */
|
||||||
|
|
||||||
function addDocumentCategory($name) { /* {{{ */
|
function addDocumentCategory($name) { /* {{{ */
|
||||||
if(!trim($name))
|
$name = trim($name);
|
||||||
|
if(!$name)
|
||||||
return false;
|
return false;
|
||||||
if (is_object($this->getDocumentCategoryByName(trim($name)))) {
|
if (is_object($this->getDocumentCategoryByName($name))) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$queryStr = "INSERT INTO `tblCategory` (`name`) VALUES (".$this->db->qstr(trim($name)).")";
|
$queryStr = "INSERT INTO `tblCategory` (`name`) VALUES (".$this->db->qstr($name).")";
|
||||||
if (!$this->db->getResult($queryStr))
|
if (!$this->db->getResult($queryStr))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
@ -2573,6 +2583,7 @@ class SeedDMS_Core_DMS {
|
||||||
* @return SeedDMS_Core_AttributeDefinition|boolean instance of {@link SeedDMS_Core_AttributeDefinition} or false
|
* @return SeedDMS_Core_AttributeDefinition|boolean instance of {@link SeedDMS_Core_AttributeDefinition} or false
|
||||||
*/
|
*/
|
||||||
function getAttributeDefinitionByName($name) { /* {{{ */
|
function getAttributeDefinitionByName($name) { /* {{{ */
|
||||||
|
$name = trim($name);
|
||||||
if (!$name) return false;
|
if (!$name) return false;
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM `tblAttributeDefinitions` WHERE `name` = " . $this->db->qstr($name);
|
$queryStr = "SELECT * FROM `tblAttributeDefinitions` WHERE `name` = " . $this->db->qstr($name);
|
||||||
|
@ -2635,9 +2646,14 @@ class SeedDMS_Core_DMS {
|
||||||
* @return bool|SeedDMS_Core_User
|
* @return bool|SeedDMS_Core_User
|
||||||
*/
|
*/
|
||||||
function addAttributeDefinition($name, $objtype, $type, $multiple=0, $minvalues=0, $maxvalues=1, $valueset='', $regex='') { /* {{{ */
|
function addAttributeDefinition($name, $objtype, $type, $multiple=0, $minvalues=0, $maxvalues=1, $valueset='', $regex='') { /* {{{ */
|
||||||
|
$name = trim($name);
|
||||||
|
if(!$name)
|
||||||
|
return false;
|
||||||
if (is_object($this->getAttributeDefinitionByName($name))) {
|
if (is_object($this->getAttributeDefinitionByName($name))) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
if(!$objtype)
|
||||||
|
return false;
|
||||||
if(!$type)
|
if(!$type)
|
||||||
return false;
|
return false;
|
||||||
if(trim($valueset)) {
|
if(trim($valueset)) {
|
||||||
|
@ -2692,9 +2708,12 @@ class SeedDMS_Core_DMS {
|
||||||
* Return workflow by its Id
|
* Return workflow by its Id
|
||||||
*
|
*
|
||||||
* @param integer $id internal id of workflow
|
* @param integer $id internal id of workflow
|
||||||
* @return SeedDMS_Core_Workflow|bool of instances of {@link SeedDMS_Core_Workflow} or false
|
* @return SeedDMS_Core_Workflow|bool of instances of {@link SeedDMS_Core_Workflow}, null if no workflow was found or false
|
||||||
*/
|
*/
|
||||||
function getWorkflow($id) { /* {{{ */
|
function getWorkflow($id) { /* {{{ */
|
||||||
|
if (!is_numeric($id))
|
||||||
|
return false;
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM `tblWorkflows` WHERE `id`=".intval($id);
|
$queryStr = "SELECT * FROM `tblWorkflows` WHERE `id`=".intval($id);
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
|
|
||||||
|
@ -2702,7 +2721,7 @@ class SeedDMS_Core_DMS {
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if(!$resArr)
|
if(!$resArr)
|
||||||
return false;
|
return null;
|
||||||
|
|
||||||
$initstate = $this->getWorkflowState($resArr[0]['initstate']);
|
$initstate = $this->getWorkflowState($resArr[0]['initstate']);
|
||||||
|
|
||||||
|
@ -2716,9 +2735,10 @@ class SeedDMS_Core_DMS {
|
||||||
* Return workflow by its name
|
* Return workflow by its name
|
||||||
*
|
*
|
||||||
* @param string $name name of workflow
|
* @param string $name name of workflow
|
||||||
* @return SeedDMS_Core_Workflow|bool of instances of {@link SeedDMS_Core_Workflow} or false
|
* @return SeedDMS_Core_Workflow|bool of instances of {@link SeedDMS_Core_Workflow} or null if no workflow was found or false
|
||||||
*/
|
*/
|
||||||
function getWorkflowByName($name) { /* {{{ */
|
function getWorkflowByName($name) { /* {{{ */
|
||||||
|
$name = trim($name);
|
||||||
if (!$name) return false;
|
if (!$name) return false;
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM `tblWorkflows` WHERE `name`=".$this->db->qstr($name);
|
$queryStr = "SELECT * FROM `tblWorkflows` WHERE `name`=".$this->db->qstr($name);
|
||||||
|
@ -2728,7 +2748,7 @@ class SeedDMS_Core_DMS {
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if(!$resArr)
|
if(!$resArr)
|
||||||
return false;
|
return null;
|
||||||
|
|
||||||
$initstate = $this->getWorkflowState($resArr[0]['initstate']);
|
$initstate = $this->getWorkflowState($resArr[0]['initstate']);
|
||||||
|
|
||||||
|
@ -2747,6 +2767,9 @@ class SeedDMS_Core_DMS {
|
||||||
*/
|
*/
|
||||||
function addWorkflow($name, $initstate) { /* {{{ */
|
function addWorkflow($name, $initstate) { /* {{{ */
|
||||||
$db = $this->db;
|
$db = $this->db;
|
||||||
|
$name = trim($name);
|
||||||
|
if(!$name)
|
||||||
|
return false;
|
||||||
if (is_object($this->getWorkflowByName($name))) {
|
if (is_object($this->getWorkflowByName($name))) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -2773,8 +2796,11 @@ class SeedDMS_Core_DMS {
|
||||||
$queryStr = "SELECT * FROM `tblWorkflowStates` WHERE `id` = " . (int) $id;
|
$queryStr = "SELECT * FROM `tblWorkflowStates` WHERE `id` = " . (int) $id;
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
|
|
||||||
if (is_bool($resArr) && $resArr == false) return false;
|
if (is_bool($resArr) && $resArr == false)
|
||||||
if (count($resArr) != 1) return false;
|
return false;
|
||||||
|
|
||||||
|
if (count($resArr) != 1)
|
||||||
|
return null;
|
||||||
|
|
||||||
$resArr = $resArr[0];
|
$resArr = $resArr[0];
|
||||||
|
|
||||||
|
@ -2790,6 +2816,7 @@ class SeedDMS_Core_DMS {
|
||||||
* @return bool|SeedDMS_Core_Workflow_State or false
|
* @return bool|SeedDMS_Core_Workflow_State or false
|
||||||
*/
|
*/
|
||||||
function getWorkflowStateByName($name) { /* {{{ */
|
function getWorkflowStateByName($name) { /* {{{ */
|
||||||
|
$name = trim($name);
|
||||||
if (!$name) return false;
|
if (!$name) return false;
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM `tblWorkflowStates` WHERE `name`=".$this->db->qstr($name);
|
$queryStr = "SELECT * FROM `tblWorkflowStates` WHERE `name`=".$this->db->qstr($name);
|
||||||
|
@ -2799,7 +2826,7 @@ class SeedDMS_Core_DMS {
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if(!$resArr)
|
if(!$resArr)
|
||||||
return false;
|
return null;
|
||||||
|
|
||||||
$resArr = $resArr[0];
|
$resArr = $resArr[0];
|
||||||
|
|
||||||
|
@ -2840,6 +2867,9 @@ class SeedDMS_Core_DMS {
|
||||||
*/
|
*/
|
||||||
function addWorkflowState($name, $docstatus) { /* {{{ */
|
function addWorkflowState($name, $docstatus) { /* {{{ */
|
||||||
$db = $this->db;
|
$db = $this->db;
|
||||||
|
$name = trim($name);
|
||||||
|
if(!$name)
|
||||||
|
return false;
|
||||||
if (is_object($this->getWorkflowStateByName($name))) {
|
if (is_object($this->getWorkflowStateByName($name))) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -2866,8 +2896,11 @@ class SeedDMS_Core_DMS {
|
||||||
$queryStr = "SELECT * FROM `tblWorkflowActions` WHERE `id` = " . (int) $id;
|
$queryStr = "SELECT * FROM `tblWorkflowActions` WHERE `id` = " . (int) $id;
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
|
|
||||||
if (is_bool($resArr) && $resArr == false) return false;
|
if (is_bool($resArr) && $resArr == false)
|
||||||
if (count($resArr) != 1) return false;
|
return false;
|
||||||
|
|
||||||
|
if (count($resArr) != 1)
|
||||||
|
return null;
|
||||||
|
|
||||||
$resArr = $resArr[0];
|
$resArr = $resArr[0];
|
||||||
|
|
||||||
|
@ -2885,13 +2918,17 @@ class SeedDMS_Core_DMS {
|
||||||
* @return SeedDMS_Core_Workflow_Action|bool instance of {@link SeedDMS_Core_Workflow_Action} or false
|
* @return SeedDMS_Core_Workflow_Action|bool instance of {@link SeedDMS_Core_Workflow_Action} or false
|
||||||
*/
|
*/
|
||||||
function getWorkflowActionByName($name) { /* {{{ */
|
function getWorkflowActionByName($name) { /* {{{ */
|
||||||
|
$name = trim($name);
|
||||||
if (!$name) return false;
|
if (!$name) return false;
|
||||||
|
|
||||||
$queryStr = "SELECT * FROM `tblWorkflowActions` WHERE `name` = " . $this->db->qstr($name);
|
$queryStr = "SELECT * FROM `tblWorkflowActions` WHERE `name` = " . $this->db->qstr($name);
|
||||||
$resArr = $this->db->getResultArray($queryStr);
|
$resArr = $this->db->getResultArray($queryStr);
|
||||||
|
|
||||||
if (is_bool($resArr) && $resArr == false) return false;
|
if (is_bool($resArr) && $resArr == false)
|
||||||
if (count($resArr) != 1) return false;
|
return false;
|
||||||
|
|
||||||
|
if (count($resArr) != 1)
|
||||||
|
return null;
|
||||||
|
|
||||||
$resArr = $resArr[0];
|
$resArr = $resArr[0];
|
||||||
|
|
||||||
|
@ -2931,6 +2968,9 @@ class SeedDMS_Core_DMS {
|
||||||
*/
|
*/
|
||||||
function addWorkflowAction($name) { /* {{{ */
|
function addWorkflowAction($name) { /* {{{ */
|
||||||
$db = $this->db;
|
$db = $this->db;
|
||||||
|
$name = trim($name);
|
||||||
|
if(!$name)
|
||||||
|
return false;
|
||||||
if (is_object($this->getWorkflowActionByName($name))) {
|
if (is_object($this->getWorkflowActionByName($name))) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
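Review bot: The not-found path now returns `null` in getWorkflowStateByName (`if(!$resArr) return null;`) and getWorkflowActionByName (`if (count($resArr) != 1) return null;`), but both docblocks still end in `or false`, and the two reworded workflow docblocks keep the declared type as `SeedDMS_Core_Workflow|bool`. I would give every affected getter the same three-way contract, for example `@return SeedDMS_Core_Workflow_State|null|false object, null if nothing matched, false on invalid argument or database error`. Callers outside this diff that test the result with `=== false` or `is_bool()` may now treat `null` as a hit and dereference it, so they are worth searching for; the add* methods shown here use `is_object()` and are unaffected. The hunks for the id-based getters start inside the function bodies, so their docblocks are not visible and may need the same update.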