
several updates in admin controller (buildURL)

implemented two new functions (variable cleaning) to use in future
master
Piotr Dergun 9 years ago
parent
commit
8354bd53a3
2 changed files with 50 additions and 25 deletions
  1. +25
    -25
      inc/controllers/AdminController.class.php
  2. +25
    -0
      inc/misc_functions.php

+ 25
- 25
inc/controllers/AdminController.class.php

@ -30,13 +30,13 @@ class AdminController extends Controller
if (!$this->getModel('SessionModel')->isLogged())
{
$this->getView('MainView')->forum_message('You are not logged.', 'index.php?mode=login', true);
$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login'), true);
$lockv = true;
}
if ($this->getModel('SessionModel')->getRank() == RANK_USER && !isset($lockv))
{
$this->getView('MainView')->forum_message('You are not admin', 'index.php');
$this->getView('MainView')->forum_message('You are not admin', buildURL('index.php'));
$lockv = true;
}
@ -63,7 +63,7 @@ class AdminController extends Controller
if ($user_info == null)
{
$this->getView('MainView')->forum_message('User does not exist!', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true;
}
else
@ -148,7 +148,7 @@ class AdminController extends Controller
$this->getModel('UsersModel')->changeUserRank($_GET['id'], $_POST['user_rank']);
$this->getModel('UsersModel')->updateUserProfile($_GET['id'], $_POST['nick'], $_POST['email'], $_POST['location'], $_POST['signature'], $av);
$this->getView('MainView')->forum_message('User profile has changed.', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('User profile has changed.', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true;
}
@ -216,14 +216,14 @@ class AdminController extends Controller
$user_info = $this->getModel('UsersModel')->getUserInformation($_GET['id']);
if ($user_info == null)
{
$this->getView('MainView')->forum_message('User does not exist!', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('User does not exist!', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true;
}
else
{
if ($_GET['id'] == $this->getModel('SessionModel')->getID())
{
$this->getView('MainView')->forum_message('You cannot delete own profile!', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('You cannot delete own profile!', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true;
}
}
@ -236,12 +236,12 @@ class AdminController extends Controller
$this->getModel('UsersModel')->deleteUser($_GET['id']);
if ($user_info['avatar'] != null) //delete user's avatar
unlink('./'.$user_info['avatar']);
$this->getView('MainView')->forum_message('Profile deleted. Redirecting to users list...', 'index.php?mode=admin&submode=users');
$this->getView('MainView')->forum_message('Profile deleted. Redirecting to users list...', buildURL('index.php?mode=admin&submode=users', true));
$lockv = true;
}
else
{
$this->forward('index.php?mode=admin&submode=users');
$this->forward(buildURL('index.php?mode=admin&submode=users'));
}
}
@ -284,7 +284,7 @@ class AdminController extends Controller
if ($_POST['forum_desc'] != $this->getModel('ConfigModel')->getConf('forum_desc'))
$this->getModel('ConfigModel')->updateConf('forum_desc', $_POST['forum_desc']);
$this->getView('MainView')->forum_message('Forum configuration updated. Redirecting...', 'index.php?mode=admin&submode=config');
$this->getView('MainView')->forum_message('Forum configuration updated. Redirecting...', buildURL('index.php?mode=admin&submode=config', true));
$lockv = true;
}
}
@ -348,7 +348,7 @@ class AdminController extends Controller
if ($forum_info == null)
{
$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
@ -357,11 +357,11 @@ class AdminController extends Controller
if (!isset($_POST['rejected']))
{
$this->getModel('ForumsModel')->deleteForum($_GET['id']);
$this->getView('MainView')->forum_message('Forum deleted. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum deleted. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
else
$this->forward('index.php?mode=admin&submode=forums');
$this->forward(buildURL('index.php?mode=admin&submode=forums', true));
}
if (!isset($lockv))
@ -380,7 +380,7 @@ class AdminController extends Controller
if ($cat_info == null)
{
$this->getView('MainView')->forum_message('Category does not exist!', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
@ -389,11 +389,11 @@ class AdminController extends Controller
if (!isset($_POST['rejected']))
{
$this->getModel('ForumsModel')->deleteCat($_GET['id']);
$this->getView('MainView')->forum_message('Category deleted. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category deleted. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
else
$this->forward('index.php?mode=admin&submode=forums');
$this->forward(buildURL('index.php?mode=admin&submode=forums', true));
}
if (!isset($lockv))
@ -415,7 +415,7 @@ class AdminController extends Controller
if ($cat_info == null)
{
$this->getView('MainView')->forum_message('Category does not exist!', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
}
@ -432,13 +432,13 @@ class AdminController extends Controller
if ($m == 'add')
{
$this->getModel('ForumsModel')->addCat($_POST['name']);
$this->getView('MainView')->forum_message('Category added. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category added. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
else
{
$this->getModel('ForumsModel')->changeCat($_GET['id'], $_POST['name']);
$this->getView('MainView')->forum_message('Category updated. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Category updated. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
}
@ -469,7 +469,7 @@ class AdminController extends Controller
if ($forum_info == null)
{
$this->getView('MainView')->forum_message('Forum does not exist!', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum does not exist!', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
}
@ -496,13 +496,13 @@ class AdminController extends Controller
if ($m == 'add')
{
$this->getModel('ForumsModel')->addForum($_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
$this->getView('MainView')->forum_message('Forum added. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum added. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
else
{
$this->getModel('ForumsModel')->changeForum($_GET['id'], $_POST['name'], $_POST['desc'], $_POST['category_id'], $_POST['locked']);
$this->getView('MainView')->forum_message('Forum updated. Redirecting...', 'index.php?mode=admin&submode=forums');
$this->getView('MainView')->forum_message('Forum updated. Redirecting...', buildURL('index.php?mode=admin&submode=forums', true));
$lockv = true;
}
}
@ -546,7 +546,7 @@ class AdminController extends Controller
if ($ban_info == null)
{
$this->getView('MainView')->forum_message('Ban does not exist!', 'index.php?mode=admin&submode=banlist');
$this->getView('MainView')->forum_message('Ban does not exist!', buildURL('index.php?mode=admin&submode=banlist', true));
$lockv = true;
}
@ -555,11 +555,11 @@ class AdminController extends Controller
if (!isset($_POST['rejected']))
{
$this->getModel('BansModel')->deleteBan($_GET['id']);
$this->getView('MainView')->forum_message('Ban deleted. Redirecting...', 'index.php?mode=admin&submode=banlist');
$this->getView('MainView')->forum_message('Ban deleted. Redirecting...', buildURL('index.php?mode=admin&submode=banlist', true));
$lockv = true;
}
else
$this->forward('index.php?mode=admin&submode=banlist');
$this->forward(buildURL('index.php?mode=admin&submode=banlist', true));
}
if (!isset($lockv))
@ -594,7 +594,7 @@ class AdminController extends Controller
if ($msg == '')
{
$this->getModel('BansModel')->addBan($_POST['user_id'], $_POST['reason']);
$this->getView('MainView')->forum_message('Ban added. Redirecting...', 'index.php?mode=admin&submode=banlist');
$this->getView('MainView')->forum_message('Ban added. Redirecting...', buildURL('index.php?mode=admin&submode=banlist', true));
$lockv = true;
}
}
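Review bot: The two redirects in the first hunk, `buildURL('index.php?mode=login')` and `buildURL('index.php')`, omit buildURL's second argument (`$https`, which defaults to `false` per the signature shown in misc_functions.php), while every admin redirect in the later hunks passes `true`, so the one page that collects credentials is the one still built as a plain-HTTP URL. The same inconsistency appears in the deleteUser branch (hunk @ -236), where `$this->forward(buildURL('index.php?mode=admin&submode=users'))` differs from the three sibling `forward(...)` calls that pass `true`. If HTTPS is intended for the login flow and everything behind the admin gate, the login line should read `$this->getView('MainView')->forum_message('You are not logged.', buildURL('index.php?mode=login', true), true);` and the forward line `$this->forward(buildURL('index.php?mode=admin&submode=users', true));`; if the omissions are deliberate, a short comment saying so would stop the next reader from "fixing" them. The enclosing methods start and end outside these hunks.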

+ 25
- 0
inc/misc_functions.php

@ -20,4 +20,29 @@ function buildURL($URI, $https = false)
return $url;
}
function post_default($key, $default='')
{
$_POST[$key] = (isset($_POST[$key])) ? stripslashes($_POST[$key]) : $default;
}
function clean_input(&$input, $dbobj, $opts = null)
{
$input = trim($input);
$input = $dbobj->real_escape_string($input);
if ($opts != null)
{
if (in_array('spchars', $opts)) //special chars
$input = htmlspecialchars($input);
if (in_array('nnegint', $opts)) //non-negative integer
{
$int_options = array('options' => array('min_range' => 0));
$input = var_dump(filter_var($input, FILTER_VALIDATE_INT, $int_options));
}
}
else
$input = strip_tags($input);
}
?>
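Review bot: In clean_input's `nnegint` branch, `$input = var_dump(filter_var($input, FILTER_VALIDATE_INT, $int_options));` assigns `null` to `$input` (var_dump returns nothing and prints the dump into the response), so the non-negative-integer option never produces a usable value; it should be `$input = filter_var($input, FILTER_VALIDATE_INT, $int_options);` with the `false` failure result rejected explicitly rather than passed on as if it were a cleaned value. The function also runs `$dbobj->real_escape_string` unconditionally before `htmlspecialchars` / `strip_tags`, so one value is escaped for SQL and then HTML-encoded in the same pass, which double-encodes quotes and bakes a single output context into whatever gets stored; escaping at the query (ideally prepared statements) and separately at the point of output keeps the two concerns apart. `in_array('spchars', $opts)` and the `nnegint` check omit the strict third argument, and `post_default` applies `stripslashes` to every value, which is only correct while magic_quotes-style escaping is in effect, so a comment stating that assumption would help. The `buildURL` body that precedes these functions begins outside the hunk.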
