Permalink
Browse files

Dev: I give up for isset VS !empty

Dev: Open a developpement issue
  • Loading branch information...
Shnoulle committed Jun 17, 2017
1 parent 6771f68 commit 9f8e5e39504ee9bb506a72b823cb3eb9eace4631
Showing with 3 additions and 3 deletions.
  1. +3 −3 application/core/Survey_Common_Action.php
@@ -145,7 +145,7 @@ private function _addPseudoParams($params)
/* Control sid,gid and qid params validity see #12434 */
// Fill param with according existing param, replace existing parameters.
// iGroupId/gid can be found with qid/iQuestionId
if(isset($params['iQuestionId']) && $params['iQuestionId']!=='') {
if(!empty($params['iQuestionId'])) {
if((string)(int)$params['iQuestionId']!==(string)$params['iQuestionId']) { // pgsql need filtering before find
throw new CHttpException(403,gT("Invalid question id"));
}
@@ -158,7 +158,7 @@ private function _addPseudoParams($params)
}
}
// iSurveyId/iSurveyID/sid can be found with gid/iGroupId
if(isset($params['iGroupId']) && $params['iGroupId']!=='') {
if(!empty($params['iGroupId'])) {
if((string)(int)$params['iGroupId']!==(string)$params['iGroupId']) { // pgsql need filtering before find
throw new CHttpException(403,gT("Invalid group id"));
}
@@ -171,7 +171,7 @@ private function _addPseudoParams($params)
}
}
// Finally control validity of sid
if(isset($params['iSurveyId']) && $params['iSurveyId']!=='') {
if(!empty($params['iSurveyId'])) {
if((string)(int)$params['iSurveyId']!==(string)$params['iSurveyId']) { // pgsql need filtering before find
// 403 mean The request was valid, but the server is refusing action.
throw new CHttpException(403,gT("Invalid survey id"));

0 comments on commit 9f8e5e3

Please sign in to comment.