commit b311bd7a0e000c8e8f6395389adfe1ad36f8d9fc
parent 0a91be8df6e175d60cef1caf41ffda02f54c3896
Author: dankert <devnull@localhost>
Date: Sat, 19 Dec 2009 09:56:34 +0100
Konstanten für Eingabe-Filterung verwenden.
Diffstat:
2 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/actionClasses/Action.class.php b/actionClasses/Action.class.php
@@ -24,6 +24,14 @@ define('OR_NOTICE_OK' ,'ok' );
define('OR_NOTICE_WARN' ,'warning');
define('OR_NOTICE_ERROR','error' );
+define('OR_FILTER_ALPHA' ,'abc' );
+define('OR_FILTER_ALPHANUM','abc123');
+define('OR_FILTER_MAIL' ,'mail' );
+define('OR_FILTER_TEXT' ,'text' );
+define('OR_FILTER_FULL' ,'full' );
+define('OR_FILTER_NUMBER' ,'123' );
+define('OR_FILTER_RAW' ,'raw' );
+
/**
* Eltern-Klasse fuer alle Actions.
*
@@ -136,6 +144,7 @@ class Action
return Text::clean($value,'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz');
case 'alphanum':
+ case 'abc123':
$value = $REQ[ $varName ];
return Text::clean($value,'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789.,_-');
diff --git a/actionClasses/ProjectAction.class.php b/actionClasses/ProjectAction.class.php
@@ -45,13 +45,13 @@ class ProjectAction extends Action
{
if ( $this->getRequestVar('name') != '')
{
- $this->project->name = $this->getRequestVar('name' );
- $this->project->target_dir = $this->getRequestVar('target_dir' );
- $this->project->ftp_url = $this->getRequestVar('ftp_url' );
- $this->project->ftp_passive = $this->getRequestVar('ftp_passive' );
- $this->project->cmd_after_publish = $this->getRequestVar('cmd_after_publish' );
- $this->project->content_negotiation = $this->getRequestVar('content_negotiation');
- $this->project->cut_index = $this->getRequestVar('cut_index' );
+ $this->project->name = $this->getRequestVar('name' ,OR_FILTER_ALPHANUM);
+ $this->project->target_dir = $this->getRequestVar('target_dir' ,OR_FILTER_RAW );
+ $this->project->ftp_url = $this->getRequestVar('ftp_url' ,OR_FILTER_RAW );
+ $this->project->ftp_passive = $this->getRequestVar('ftp_passive' ,OR_FILTER_RAW );
+ $this->project->cmd_after_publish = $this->getRequestVar('cmd_after_publish' ,OR_FILTER_RAW );
+ $this->project->content_negotiation = $this->getRequestVar('content_negotiation',OR_FILTER_NUMBER );
+ $this->project->cut_index = $this->getRequestVar('cut_index' ,OR_FILTER_NUMBER );
$this->addNotice('project',$this->project->name,'SAVED','ok');
$this->project->save(); // speichern