Merge pull request #974 from oricgn/phorum_5_2_validation
Data validation enhanced
oricgn committed Apr 14, 2016
2 parents 9586c52 + a4b643e commit b7f813e
Showing 5 changed files with 16 additions and 24 deletions.
10 changes: 4 additions & 6 deletions include/admin/cache.php
@@ -20,8 +20,8 @@

if ( !defined( "PHORUM_ADMIN" ) ) return;

$error = "";
$okmsg = "";
$error = '';
$okmsg = '';

if ( count( $_POST ) ) {
$new_settings = array();
@@ -34,7 +34,7 @@
if ( empty( $value ) ) {
$new_settings[$field] = "/tmp";
} elseif ( !file_exists( $value ) ) {
$error = "This cache directory does not exist. Please create it with the proper permissions.";
$error .= 'This cache directory does not exist. Please create it with the proper permissions. ';
} else {
$new_settings[$field] = $value;
}
@@ -46,7 +46,7 @@
if ( empty( $value ) ) {
$new_settings[$field] = "file";
} elseif ( !file_exists( './include/cache/'.$value.'.php' ) ) {
$error = "This cache layer ($value) does not exist.";
$error .= 'This cache layer ($value) does not exist. ';
} else {
$new_settings[$field] = $value;
}
@@ -68,8 +68,6 @@
}

}

if ( $error ) break;
}

if ( empty( $error ) ) {
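Review bot: In the cache-layer branch the message is now single-quoted, so `($value)` is printed literally instead of the submitted name; either drop the placeholder or concatenate an escaped value, e.g. `$error .= 'This cache layer (' . htmlspecialchars( $value ) . ') does not exist. ';`. Escaping matters because the value appears to come from the POSTed form and the place where `$error` is rendered is not visible in this section. Separately, the only check on the layer name is `file_exists( './include/cache/'.$value.'.php' )`, which also accepts names containing path separators; a name-shape check such as `preg_match( '/^[a-z0-9_]+$/i', $value )` before it would confine the setting to files in that directory. The enclosing loop starts outside the visible hunks.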
2 changes: 1 addition & 1 deletion include/admin/customprofile.php
@@ -67,7 +67,7 @@
"<?php print htmlspecialchars($_POST['name']) ?>"
was found.<br /><br />
If you accidentally deleted that old field, then
you can choose to restore the old field's configuration and
you can choose to restore the old field&#x2019;s configuration and
data. You can also create a totally new field and ignore
the deleted field. What do you want to do?<br/><br/>
<form action="<?php echo phorum_admin_build_url('base'); ?>" method="post">
2 changes: 1 addition & 1 deletion include/admin/newfolder.php
@@ -33,7 +33,7 @@
$value = trim($value);
$_POST["name"] = $value;
if($value == ""){
$error="Please fill in Title";
$error='Please fill in Title.';
}
break;
case "vroot":
12 changes: 4 additions & 8 deletions include/admin/newforum.php
@@ -21,7 +21,7 @@

include_once "./include/format_functions.php";

$error="";
$error='';

if(count($_POST)){

@@ -33,7 +33,7 @@

case "name":
if(empty($value) && $_POST["module"]!="forum_defaults"){
$error="Please fill in Title";
$error.='Please fill in Title. ';
}
break;

@@ -98,18 +98,14 @@
if( $_POST['inherit_id'] !== NULL && $_POST["inherit_id"] != "NULL" && $_POST['inherit_id'] != 0) {
$forum_check_inherit =phorum_db_get_forums(intval($_POST["inherit_id"]));
if( $forum_check_inherit[$_POST["inherit_id"]]["inherit_id"] || ($_POST["inherit_id"]==$_POST["forum_id"]) ) {
$error="Settings can't be inherited by this forum, because this forum already inherits settings from another forum.";
$error.='Settings can&#x2019;t be inherited by this forum, because this forum already inherits settings from another forum. ';
}
if( $forum_check_inherit[$_POST["inherit_id"]]["inherit_id"] === 0) {
$error="Settings can't be inherited by this forum, because this forum already inherits the default settings";
$error.='Settings can&#x2019;t be inherited by this forum, because this forum already inherits the default settings. ';
}
}
break;
}

if($error) break;


}

if (empty($error)) {
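Review bot: The inherit check looks the forum up with `intval($_POST["inherit_id"])` but then indexes the result with the raw `$_POST["inherit_id"]`, so a value that is not a canonical integer string would miss the array key (presumably the forum id) and neither error would be appended. Normalising once with `$inherit_id = intval($_POST["inherit_id"]);` and using `$inherit_id` for the lookup, the index and the comparison with `forum_id` keeps the validation and the lookup in agreement. The new messages also embed `&#x2019;`, which assumes `$error` is emitted as raw HTML; the rendering is outside this section, so confirm that no user-supplied text is ever appended to it unescaped. The enclosing switch starts outside the hunk.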
14 changes: 6 additions & 8 deletions include/admin/settings.php
@@ -19,7 +19,7 @@

if ( !defined( "PHORUM_ADMIN" ) ) return;

$error = "";
$error = '';

if ( count( $_POST ) )
{
@@ -42,7 +42,7 @@
if ( empty( $value ) ) {
$_POST[$field] = dirname( $_SERVER["HTTP_REFERER"] );
} elseif ( !preg_match( "/^(http|https):\/\/(([a-z0-9][a-z0-9_-]*)(\.[a-z0-9][a-z0-9_-]*)+)(:(\d+))?/i", $value ) && !preg_match( "/^(http|https):\/\/[a-z0-9][a-z0-9_-]*(:\d+)?/i", $value ) ) {
$error = "The provided HTTP Path is not a valid URL.";
$error .= 'The provided HTTP Path is not a valid URL. ';
}

break;
@@ -67,23 +67,23 @@
if ( empty( $value ) ) {
$_POST[$field] = "/";
} elseif ( $value[0] != "/" ) {
$error = "Session Path must start with a /";
$error .= 'Session Path must start with a /. ';
}

break;

case "session_domain":

if ( !empty( $value ) && !stristr( $_POST["http_path"], $value ) ) {
$error = "Session Domain must be part of the domain in HTTP Path or empty.";
$error .= 'Session Domain must be part of the domain in HTTP Path or empty. ';
}

break;

case "system_email_from_address":

if ( empty( $value ) ) {
$error = "You must supply an email address for system emails to use as a from address.";
$error .= 'You must supply an email address for system emails to use as a from address. ';
}

break;
@@ -110,7 +110,7 @@

$private_key = trim($value);
if (strlen($private_key) < 30) {
$error = "Use at least 30 characters for the secret private key.";
$error .= 'Use at least 30 characters for the secret private key. ';
}
$_POST[$field] = $private_key;
break;
@@ -122,8 +122,6 @@
}
break;
}

if ( $error ) break;
}

if ( empty( $error ) ) {
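Review bot: The `session_domain` check uses `stristr( $_POST["http_path"], $value )`, a substring match over the whole URL, so any fragment of the scheme, host or path is accepted rather than only a parent domain of the host. Since this value presumably scopes the session cookie, compare it with the host part of HTTP Path on a label boundary instead, as sketched below. Note also that both `http_path` patterns are anchored only at the start, so text after the host is not validated, and the `dirname( $_SERVER["HTTP_REFERER"] )` default is never run through the pattern. The enclosing switch starts outside the visible hunks.

```php
case "session_domain":

    // Match against the host of HTTP Path only, on a label boundary.
    $host   = strtolower( (string) parse_url( $_POST["http_path"], PHP_URL_HOST ) );
    $domain = ltrim( strtolower( $value ), '.' );
    $suffix = '.' . $domain;
    if ( !empty( $value ) && $host !== $domain && substr( $host, -strlen( $suffix ) ) !== $suffix ) {
        $error .= 'Session Domain must be part of the domain in HTTP Path or empty. ';
    }

    // … unchanged: break and the remaining cases …
```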
