adam/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-06-02 04:15:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

improvement: avoid the use of @ instead of a real test

Browse Source 
git-svn-id: http://piwigo.org/svn/branches/2.0@5003 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
plegall
2010-02-28 20:58:45 +00:00
parent d2872aacef
commit f1f59e937a
8 changed files with 22 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
admin/cat_list.php
+1 -1
View File
@@ -69,7 +69,7 @@ function save_categories_order($categories)
// | initialization |
// +-----------------------------------------------------------------------+
check_input_parameter('parent_id', @$_GET['parent_id'], false, PATTERN_ID);
check_input_parameter('parent_id', $_GET, false, PATTERN_ID);
$categories = array();
admin/element_set.php
+1 -1
View File
@@ -39,7 +39,7 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
// +-----------------------------------------------------------------------+
check_status(ACCESS_ADMINISTRATOR);
check_input_parameter('selection', @$_POST['selection'], true, PATTERN_ID);
check_input_parameter('selection', $_POST, true, PATTERN_ID);
// +-----------------------------------------------------------------------+
// | caddie management |
admin/element_set_global.php
+4 -4
View File
@@ -44,10 +44,10 @@ check_status(ACCESS_ADMINISTRATOR);
// +-----------------------------------------------------------------------+
// the $_POST['selection'] was already checked in element_set.php
check_input_parameter('add_tags', @$_POST['add_tags'], true, PATTERN_ID);
check_input_parameter('del_tags', @$_POST['del_tags'], true, PATTERN_ID);
check_input_parameter('associate', @$_POST['associate'], false, PATTERN_ID);
check_input_parameter('dissociate', @$_POST['dissociate'], false, PATTERN_ID);
check_input_parameter('add_tags', $_POST, true, PATTERN_ID);
check_input_parameter('del_tags', $_POST, true, PATTERN_ID);
check_input_parameter('associate', $_POST, false, PATTERN_ID);
check_input_parameter('dissociate', $_POST, false, PATTERN_ID);
if (isset($_POST['delete']))
{
admin/picture_modify.php
+2 -2
View File
@@ -33,8 +33,8 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
// +-----------------------------------------------------------------------+
check_status(ACCESS_ADMINISTRATOR);
check_input_parameter('image_id', $_GET['image_id'], false, PATTERN_ID);
check_input_parameter('cat_id', @$_GET['cat_id'], false, PATTERN_ID);
check_input_parameter('image_id', $_GET, false, PATTERN_ID);
check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
// +-----------------------------------------------------------------------+
// | synchronize metadata |
comments.php
+3 -3
View File
@@ -117,7 +117,7 @@ if (!empty($_GET['author']))
// notification email)
if (!empty($_GET['comment_id']))
{
check_input_parameter('comment_id', $_GET['comment_id'], false, PATTERN_ID);
check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
// currently, the $_GET['comment_id'] is only used by admins from email
// for management purpose (validate/delete)
@@ -183,7 +183,7 @@ if (isset($_GET['delete']) or isset($_GET['validate']))
if (isset($_GET['delete']))
{
check_input_parameter('delete', $_GET['delete'], false, PATTERN_ID);
check_input_parameter('delete', $_GET, false, PATTERN_ID);
$query = '
DELETE
@@ -195,7 +195,7 @@ DELETE
if (isset($_GET['validate']))
{
check_input_parameter('validate', $_GET['validate'], false, PATTERN_ID);
check_input_parameter('validate', $_GET, false, PATTERN_ID);
$query = '
UPDATE '.COMMENTS_TABLE.'
feed.php
+1 -1
View File
@@ -63,7 +63,7 @@ function ts_to_iso8601($ts)
// | initialization |
// +-----------------------------------------------------------------------+
check_input_parameter('feed', @$_GET['feed'], false, '/^[0-9a-z]{50}$/i');
check_input_parameter('feed', $_GET, false, '/^[0-9a-z]{50}$/i');
$feed_id= isset($_GET['feed']) ? $_GET['feed'] : '';
$image_only=isset($_GET['image_only']);
include/functions.inc.php
+8 -2
View File
@@ -1503,14 +1503,20 @@ function get_comment_post_key($image_id)
* pattern. This should happen only during hacking attempts.
*
* @param string param_name
* @param mixed param_value
* @param array param_array
* @param boolean is_array
* @param string pattern
*
* @return void
*/
function check_input_parameter($param_name, $param_value, $is_array, $pattern)
function check_input_parameter($param_name, $param_array, $is_array, $pattern)
{
$param_value = null;
if (isset($param_array[$param_name]))
{
$param_value = $param_array[$param_name];
}
// it's ok if the input parameter is null
if (empty($param_value))
{
search.php
+2 -2
View File
@@ -71,7 +71,7 @@ if (isset($_POST['submit']))
if (isset($_POST['tags']))
{
check_input_parameter('tags', $_POST['tags'], true, PATTERN_ID);
check_input_parameter('tags', $_POST, true, PATTERN_ID);
$search['fields']['tags'] = array(
'words' => $_POST['tags'],
@@ -92,7 +92,7 @@ if (isset($_POST['submit']))
if (isset($_POST['cat']))
{
check_input_parameter('cat', $_POST['cat'], true, PATTERN_ID);
check_input_parameter('cat', $_POST, true, PATTERN_ID);
$search['fields']['cat'] = array(
'words' => $_POST['cat'],