Introduced Input class into files in the plugin directory

Geeklog-Core · Dec 29, 2016 · 32f3bab · 32f3bab
1 parent ef57bdb
commit 32f3bab
Show file tree

Hide file tree

Showing 48 changed files with 89 additions and 142 deletions.
diff --git a/plugins/calendar/configuration_validation.php b/plugins/calendar/configuration_validation.php
@@ -30,7 +30,7 @@
 // |                                                                           |
 // +---------------------------------------------------------------------------+
 
-if (strpos(strtolower($_SERVER['PHP_SELF']), 'configuration_validation.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 
@@ -78,5 +78,3 @@
 $_CONF_VALIDATE['calendar']['autotag_permissions_event[3]'] = array(
     'rule' => array('inList', array(0, 2), true)
 );
-
-?>
diff --git a/plugins/calendar/functions.inc b/plugins/calendar/functions.inc
@@ -40,7 +40,7 @@
  * @package Calendar
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'functions.inc') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own.');
 }
 
@@ -655,7 +655,7 @@ function plugin_getheadercode_calendar()
     global $_SCRIPTS;
 
     // use the CSS only if we are on the plugin's pages
-    if (substr_count($_SERVER['PHP_SELF'], '/calendar/') > 0) {
+    if (substr_count(Geeklog\Input::server('PHP_SELF'), '/calendar/') > 0) {
         $_SCRIPTS->setCSSFile('calendar', CTL_plugin_themeFindFile('calendar', 'css', 'style.css'), false);
     }
 }
@@ -667,42 +667,29 @@ function plugin_submit_calendar($mode = 'master')
 {
     global $_CONF, $_CA_CONF, $LANG_CAL_1, $LANG12, $MESSAGE, $_SCRIPTS;
 
-    if (isset($_POST['calendar_type'])) {
-        $mode = $_POST['calendar_type'];
+    $mode = Geeklog\Input::fPost('calendar_type', null);
+
+    if ($mode !== null) {
         if (!in_array($mode, array('master', 'personal', 'quickadd'))) {
             $mode = 'master';
         }
-    } elseif (isset($_REQUEST['mode']) && ($_REQUEST['mode'] == 'personal')) {
+    } elseif (Geeklog\Input::fRequest('mode') === 'personal') {
         $mode = 'personal';
     }
 
-    if (($_CA_CONF['personalcalendars'] == 1) && ($mode == 'quickadd')) {
+    if (($_CA_CONF['personalcalendars'] == 1) && ($mode === 'quickadd')) {
         // quick add form, just save it.
         $display = plugin_savesubmission_calendar($_POST);
 
         return $display;
     } elseif (SEC_hasRights('calendar.edit') && ($mode != 'personal')) {
         // admin posts non-personal, go to editor
-        if (isset($_REQUEST['year'])) {
-            $year = COM_applyFilter($_REQUEST['year'], true);
-        } else {
-            $year = date('Y', time());
-        }
-        if (isset($_REQUEST['month'])) {
-            $month = COM_applyFilter($_REQUEST['month'], true);
-        } else {
-            $month = date('m', time());
-        }
-        if (isset($_REQUEST['day'])) {
-            $day = COM_applyFilter($_REQUEST['day'], true);
-        } else {
-            $day = date('d', time());
-        }
-        if (isset($_REQUEST['hour'])) {
-            $hour = COM_applyFilter($_REQUEST['hour'], true);
-        } else {
-            $hour = date('H', time());
-        }
+        $currentTime = time();
+        $year = (int) Geeklog\Input::fRequest('year', date('Y', $currentTime));
+        $month = (int) Geeklog\Input::fRequest('month', date('m', $currentTime));
+        $day = (int) Geeklog\Input::fRequest('day', date('d', $currentTime));
+        $hour = (int) Geeklog\Input::fRequest('hour', date('H', $currentTime));
+
         $startat = '';
         if ($year > 0) {
             $startat = '&amp;datestart='
@@ -888,11 +875,7 @@ function CALENDAR_listOld()
     global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_CAL_ADMIN, $LANG_ACCESS,
            $LANG01, $_IMAGE_TYPE;
 
-    if (isset($_REQUEST['usr_time'])) {
-        $usr_time = $_REQUEST['usr_time'];
-    } else {
-        $usr_time = 12;
-    }
+    $usr_time = (int) Geeklog\Input::fRequest('usr_time', 12);
 
     require_once $_CONF['path_system'] . 'lib-admin.php';
 
@@ -978,18 +961,14 @@ function CALENDAR_deleteOld()
     global $_CONF, $LANG_CAL_ADMIN;
 
     $msg = '';
-    $event_list = array();
-    if (isset($_POST['delitem'])) {
-        $event_list = $_POST['delitem'];
-    }
+    $event_list = Geeklog\Input::fPost('delitem', array());
 
-    if (count($event_list) == 0) {
+    if (count($event_list) === 0) {
         $msg = $LANG_CAL_ADMIN[33] . "<br" . XHTML . ">";
     }
     $c = 0;
     if (isset($event_list) && is_array($event_list)) {
         foreach ($event_list as $delitem) {
-            $delitem = COM_applyFilter($delitem);
             if (!CALENDAR_deleteEvent($delitem)) {
                 $msg .= "<strong>{$LANG_CAL_ADMIN[34]} $delitem $LANG_CAL_ADMIN[35]}</strong><br" . XHTML . ">\n";
             } else {

diff --git a/plugins/calendar/install_defaults.php b/plugins/calendar/install_defaults.php
@@ -37,7 +37,7 @@
 //
 // $Id: install_defaults.php,v 1.8 2008/09/21 08:37:08 dhaun Exp $
 
-if (strpos(strtolower($_SERVER['PHP_SELF']), 'install_defaults.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/links/configuration_validation.php b/plugins/links/configuration_validation.php
@@ -30,7 +30,7 @@
 // |                                                                           |
 // +---------------------------------------------------------------------------+
 
-if (strpos(strtolower($_SERVER['PHP_SELF']), 'configuration_validation.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/links/functions.inc b/plugins/links/functions.inc
@@ -42,7 +42,7 @@
 * @package Links
 */
 
-if (strpos(strtolower($_SERVER['PHP_SELF']), 'functions.inc') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own.');
 }
 
@@ -1032,10 +1032,7 @@ function plugin_submit_links()
     $linkform->set_var('lang_title', $LANG12[10]);
     $linkform->set_var('lang_link', $LANG_LINKS_SUBMIT[2]);
     $linkform->set_var('lang_category', $LANG_LINKS_SUBMIT[3]);
-    $category = '';
-    if (isset($_REQUEST['cid'])) {
-        $category = $_REQUEST['cid'];
-    }
+    $category = Geeklog\Input::request('cid', '');
     $linkform->set_var('link_category_options', links_select_box(2, $category));
     $linkform->set_var('lang_description', $LANG12[15]);
     $linkform->set_var('lang_htmlnotallowed', $LANG12[35]);

diff --git a/plugins/links/install_defaults.php b/plugins/links/install_defaults.php
@@ -42,7 +42,7 @@
 * @package Links
 */
 
-if (strpos(strtolower($_SERVER['PHP_SELF']), 'install_defaults.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/polls/configuration_validation.php b/plugins/polls/configuration_validation.php
@@ -30,7 +30,7 @@
 // |                                                                           |
 // +---------------------------------------------------------------------------+
 
-if (strpos(strtolower($_SERVER['PHP_SELF']), 'configuration_validation.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/polls/functions.inc b/plugins/polls/functions.inc
@@ -40,7 +40,7 @@
  * @package Polls
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'functions.inc') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own.');
 }
 
@@ -516,11 +516,7 @@ function POLLS_pollVote($pid, $showall = true, $displaytype = 0, $order = '', $m
                     $poll->set_var('edit_icon', $editlink);
                 }
 
-                if (array_key_exists('aid', $_POST)) {
-                    $aid = $_POST['aid'];
-                } else {
-                    $aid = array();
-                }
+                $aid = Geeklog\Input::fPost('aid', array());
 
                 for ($j = 0; $j < $nquestions; $j++) {
                     $Q = DB_fetchArray($questions);

diff --git a/plugins/polls/install_defaults.php b/plugins/polls/install_defaults.php
@@ -37,7 +37,7 @@
 * @package Polls
 */
 
-if (strpos(strtolower($_SERVER['PHP_SELF']), 'install_defaults.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/spamx/BanUser.Action.class.php b/plugins/spamx/BanUser.Action.class.php
@@ -12,7 +12,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'banuser.action.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/spamx/BannedUsers.Examine.class.php b/plugins/spamx/BannedUsers.Examine.class.php
@@ -12,7 +12,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'bannedusers.examine.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/spamx/BaseAdmin.class.php b/plugins/spamx/BaseAdmin.class.php
@@ -38,14 +38,14 @@ public function __get($name)
      */
     protected function getAction()
     {
-        $action = '';
-
-        if (isset($_GET['action'])) {
-            $action = $_GET['action'];
-        } else if (isset($_POST['paction'])) {
-            $action = $_POST['paction'];
-        } else if (isset($_POST['delbutton_x']) && isset($_POST['delbutton_y'])) {
-            $action = 'mass_delete';
+        $action = Geeklog\Input::get('action', '');
+
+        if (empty($action)) {
+            $action = Geeklog\Input::post('paction', '');
+
+            if (empty($action) && isset($_POST['delbutton_x'], $_POST['delbutton_y'])) {
+                $action = 'mass_delete';
+            }
         }
 
         return $action;
@@ -58,12 +58,10 @@ protected function getAction()
      */
     protected function getEntry()
     {
-        $entry = '';
+        $entry = Geeklog\Input::fGet('entry', '');
 
-        if (isset($_GET['entry'])) {
-            $entry = COM_stripslashes($_GET['entry']);
-        } elseif (isset($_POST['pentry'])) {
-            $entry = COM_stripslashes($_POST['pentry']);
+        if (empty($entry)) {
+            $entry = Geeklog\Input::fPost('pentry', '');
         }
 
         return $entry;
@@ -176,7 +174,7 @@ public function fieldFunction($fieldName, $fieldValue, $A, $iconArr)
         if ($fieldName === 'id') {
             $retval = '<input type="checkbox" name="delitem[]" value="'
                 . $this->escape($fieldValue) . '"' . XHTML . '>';
-        } else if ($fieldName === 'value') {
+        } elseif ($fieldName === 'value') {
             $retval = COM_createLink(
                 $this->escape($fieldValue),
                 $_CONF['site_admin_url'] . '/plugins/spamx/index.php?'
@@ -188,7 +186,7 @@ public function fieldFunction($fieldName, $fieldValue, $A, $iconArr)
                 ))
             );
 
-        } else if ($fieldName === 'regdate') {
+        } elseif ($fieldName === 'regdate') {
             // Does nothing for now
         }
 
@@ -321,7 +319,7 @@ public function display()
 
                 case 'mass_delete':
                     if (isset($_POST['delitem'])) {
-                        $this->deleteSelectedEntries($_POST['delitem']);
+                        $this->deleteSelectedEntries(Geeklog\Input::post('delitem'));
                     }
 
                     break;

diff --git a/plugins/spamx/BlackList.Examine.class.php b/plugins/spamx/BlackList.Examine.class.php
@@ -11,7 +11,7 @@
  * @subpackage Modules
  */
 
-if (strpos(strtolower($_SERVER['PHP_SELF']), 'blacklist.examine.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/spamx/DeleteComment.Action.class.php b/plugins/spamx/DeleteComment.Action.class.php
@@ -11,7 +11,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'deletecomment.action.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/spamx/EditBlackList.Admin.class.php b/plugins/spamx/EditBlackList.Admin.class.php
@@ -12,7 +12,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'editblacklist.admin.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 
@@ -67,7 +67,7 @@ public function display()
 
                 case 'mass_delete':
                     if (isset($_POST['delitem'])) {
-                        $this->deleteSelectedEntries($_POST['delitem']);
+                        $this->deleteSelectedEntries(Geeklog\Input::post('delitem'));
                     }
 
                     break;

diff --git a/plugins/spamx/EditHeader.Admin.class.php b/plugins/spamx/EditHeader.Admin.class.php
@@ -12,7 +12,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'editheader.admin.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 
@@ -86,10 +86,10 @@ public function display()
             $this->deleteEntry($entry);
         } elseif (($action === $LANG_SX00['addentry']) && SEC_checkToken()) {
             $entry = '';
-            $name = COM_applyFilter($_REQUEST['header-name']);
+            $name = Geeklog\Input::fRequest('header-name');
             $n = explode(':', $name);
             $name = $n[0];
-            $value = $_REQUEST['header-value'];
+            $value = Geeklog\Input::request('header-value');
 
             if (!empty($name) && !empty($value)) {
                 $entry = $name . ': ' . $value;

diff --git a/plugins/spamx/EditIP.Admin.class.php b/plugins/spamx/EditIP.Admin.class.php
@@ -12,7 +12,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'editip.admin.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/spamx/EditIPofURL.Admin.class.php b/plugins/spamx/EditIPofURL.Admin.class.php
@@ -12,7 +12,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'editipofurl.admin.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/spamx/EditSFS.Admin.class.php b/plugins/spamx/EditSFS.Admin.class.php
@@ -12,7 +12,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'editsfs.admin.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/spamx/Header.Examine.class.php b/plugins/spamx/Header.Examine.class.php
@@ -12,7 +12,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'header.examine.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }
 

diff --git a/plugins/spamx/IP.Examine.class.php b/plugins/spamx/IP.Examine.class.php
@@ -11,7 +11,7 @@
  * @subpackage Modules
  */
 
-if (stripos($_SERVER['PHP_SELF'], 'ip.examine.class.php') !== false) {
+if (stripos($_SERVER['PHP_SELF'], basename(__FILE__)) !== false) {
     die('This file can not be used on its own!');
 }