Clean up PHP_SELF usage

opendocman · Jan 9, 2016 · b11ee8e · b11ee8e
1 parent 8cdd25b
commit b11ee8e
Show file tree

Hide file tree

Showing 14 changed files with 53 additions and 62 deletions.
diff --git a/category.php b/category.php
@@ -172,8 +172,7 @@
     draw_header(msg('area_delete_category'). ' : ' .msg('choose'), $last_message);
     ?>
     <table border="0" cellspacing="5" cellpadding="5">
-        <form action="<?php echo e::h($_SERVER['PHP_SELF']);
-    ?>" method="POST" enctype="multipart/form-data">
+        <form action="category.php" method="POST" enctype="multipart/form-data">
             <input type="hidden" name="state" value="<?php echo(e::h($_REQUEST['state']+1));
     ?>">
             <tr>
@@ -253,8 +252,7 @@
     draw_header(msg('area_view_category') . ' : ' . msg('choose'), $last_message);
     ?>
     <table border="0" cellspacing="5" cellpadding="5">
-        <form action="<?php echo e::h($_SERVER['PHP_SELF']);
-    ?>" method="POST" enctype="multipart/form-data">
+        <form action="category.php" method="POST" enctype="multipart/form-data">
             <input type="hidden" name="state" value="<?php echo(e::h($_REQUEST['state']+1));
     ?>">
             <tr>
@@ -334,8 +332,7 @@
 } elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'updatepick') {
     draw_header(msg('area_update_category'). ': ' .msg('choose'), $last_message);
     ?>
-    <form action="<?php echo e::h($_SERVER['PHP_SELF']);
-    ?>" method="POST" enctype="multipart/form-data">
+    <form action="category.php" method="POST" enctype="multipart/form-data">
         <input type="hidden" name="state" value="<?php echo(e::h($_REQUEST['state']+1));
     ?>">
         <table border="0">

diff --git a/check-in.php b/check-in.php
@@ -83,8 +83,7 @@
         // start displaying form
         ?>
 <table border="0" cellspacing="5" cellpadding="5">
-    <form action="<?php echo e::h($_SERVER['PHP_SELF']);
-        ?>" method="POST" enctype="multipart/form-data">
+    <form action="check-in.php" method="POST" enctype="multipart/form-data">
         <input type="hidden" name="id" value="<?php echo e::h($_GET['id']);
         ?>">
         <tr>

diff --git a/check-out.php b/check-out.php
@@ -61,8 +61,7 @@
 
 <p>
 
-<form action="<?php echo e::h($_SERVER['PHP_SELF']);
-    ?>" method="get">
+<form action="check-out.php" method="get">
     <input type="hidden" name="id" value="<?php echo e::h($_GET['id']);
     ?>">
     <input type="hidden" name="access_right" value="<?php echo e::h($_GET['access_right']);

diff --git a/department.php b/department.php
@@ -226,8 +226,7 @@
     $showpick='';
     ?>
                             <table border="0" cellspacing="5" cellpadding="5">
-                                <form action="<?php echo e::h($_SERVER['PHP_SELF']);
-    ?>" method="POST" enctype="multipart/form-data">
+                                <form action="department.php" method="POST" enctype="multipart/form-data">
                                     <tr>
                                     <input type="hidden" name="state" value="<?php echo(e::h($_GET['state']+1));
     ?>">
@@ -331,8 +330,7 @@
     draw_header(msg('department') . ': ' . msg('label_delete'), $last_message);
     ?>
     <table border="0" cellspacing="5" cellpadding="5">
-        <form action="<?php echo e::h($_SERVER['PHP_SELF']);
-    ?>" method="POST" enctype="multipart/form-data">
+        <form action="department.php" method="POST" enctype="multipart/form-data">
             <input type="hidden" name="state" value="<?php echo(e::h($_REQUEST['state']+1));
     ?>">
             <tr>
@@ -476,8 +474,7 @@
 } elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'updatepick') {
     draw_header(msg('area_choose_department'), $last_message);
     ?>
-                            <form action="<?php echo e::h($_SERVER['PHP_SELF']);
-    ?>" method="GET" enctype="multipart/form-data">
+                            <form action="department.php" method="GET" enctype="multipart/form-data">
                                 <INPUT type="hidden" name="state" value="<?php echo(e::h($_REQUEST['state']+1));
     ?>">
                                 <table border="0" cellspacing="5" cellpadding="5">

diff --git a/details.php b/details.php
@@ -1,5 +1,5 @@
 <?php
-
+use Aura\Html\Escaper as e;
 /*
   details.php - display file information  check for session
   Copyright (C) 2002-2007 Stephen Lawrence Jr., Khoa Nguyen, Jon Miner
@@ -30,30 +30,31 @@
 
 include('udf_functions.php');
 
-$last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : '';
-
-$full_requestId = $_REQUEST['id'];
+$last_message = isset($_GET['last_message']) ? $_GET['last_message'] : '';
 
-// in case this file is accessed directly - check for $_REQUEST['id']
-if (!isset($_REQUEST['id']) || $_REQUEST['id'] == "") {
+// in case this file is accessed directly - check for $_GET['id']
+if (!isset($_GET['id']) || $_GET['id'] == "") {
     header('Location:error.php?ec=2');
     exit;
 }
 
-if (strchr($_REQUEST['id'], '_')) {
-    list($_REQUEST['id'], $revision_id) = explode('_', $_REQUEST['id']);
+$full_requestId = $_GET['id'];
+
+if (strchr($_GET['id'], '_')) {
+    list($_GET['id'], $revision_id) = explode('_', $_GET['id']);
     $pageTitle = msg('area_file_details') . ' ' . msg('revision') . ' #' . $revision_id;
-    $file_size = display_filesize($GLOBALS['CONFIG']['revisionDir'] . $_REQUEST['id'] . '/' . $_REQUEST['id'] . '_' . $revision_id . '.dat');
+    $file_size = display_filesize($GLOBALS['CONFIG']['revisionDir'] . $_GET['id'] . '/' . $_GET['id'] . '_' . $revision_id . '.dat');
 } else {
     $pageTitle = msg('area_file_details');
 }
 
 draw_header(msg('area_file_details'), $last_message);
 
-$request_id = $_REQUEST['id']; //save an original copy of id
+$request_id = (int) $_GET['id']; //save an original copy of id
+$state = (int) $_GET['state'];
 
-$file_data_obj = new FileData($_REQUEST['id'], $pdo);
-checkUserPermission($_REQUEST['id'], $file_data_obj->VIEW_RIGHT, $file_data_obj);
+$file_data_obj = new FileData($request_id, $pdo);
+checkUserPermission($request_id, $file_data_obj->VIEW_RIGHT, $file_data_obj);
 $user_perms_obj = new User_Perms($_SESSION['uid'], $pdo);
 
 $user_permission_obj = new UserPermission($_SESSION['uid'], $pdo);
@@ -100,18 +101,18 @@
 }
 
 if ($file_data_obj->isArchived()) {
-    $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . '.dat';
+    $filename = $GLOBALS['CONFIG']['archiveDir'] . $request_id . '.dat';
     $file_size = display_filesize($filename);
 } else {
-    $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . '.dat';
+    $filename = $GLOBALS['CONFIG']['dataDir'] . $request_id . '.dat';
 
     if (!isset($file_size)) {
         $file_size = display_filesize($filename);
     }
 }
 
 // display red or green icon depending on file status
-if ($status == 0 && $user_perms_obj->canView($_REQUEST['id'])) {
+if ($status == 0 && $user_perms_obj->canView($request_id)) {
     $file_unlocked = true;
 } else {
     $file_unlocked = false;
@@ -138,7 +139,7 @@
           l.modified_on DESC";
     $stmt = $pdo->prepare($query);
     $stmt->execute(array(
-        ':log_id' => $_REQUEST['id'],
+        ':log_id' => $request_id,
         ':revision_id' => $revision_id
     ));
     $revisionData = $stmt->fetchAll();
@@ -162,7 +163,7 @@
     ";
     $stmt = $pdo->prepare($query);
     $stmt->execute(array(
-        ':log_id' => $_REQUEST['id']
+        ':log_id' => $request_id
     ));
     $revisionData = $stmt->fetchAll();
 }
@@ -215,8 +216,8 @@
 }
 
 // Can they Read?
-if ($user_permission_obj->getAuthority($_REQUEST['id'], $file_data_obj) >= $user_permission_obj->READ_RIGHT) {
-    $view_link = "view_file.php?id=$full_requestId" . '&state=' . ($_REQUEST['state'] + 1);
+if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->READ_RIGHT) {
+    $view_link = 'view_file.php?id=' . e::h($full_requestId) . '&state=' . ($state + 1);
     $GLOBALS['smarty']->assign('view_link', $view_link);
 }
 
@@ -225,27 +226,27 @@
     // check if user has modify rights
 
     $user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['pdo']);
-    if ($user_perms->getAuthority($_REQUEST['id'], $file_data_obj) >= $user_perms->WRITE_RIGHT && !isset($revision_id) && !$file_data_obj->isArchived()) {
+    if ($user_perms->getAuthority($request_id, $file_data_obj) >= $user_perms->WRITE_RIGHT && !isset($revision_id) && !$file_data_obj->isArchived()) {
         // if so, display link for checkout
-        $check_out_link = "check-out.php?id=$request_id" . '&state=' . ($_REQUEST['state'] + 1) . '&access_right=modify';
+        $check_out_link = "check-out.php?id=$request_id" . '&state=' . ($state + 1) . '&access_right=modify';
         $GLOBALS['smarty']->assign('check_out_link', $check_out_link);
     }
 
 
-    if ($user_permission_obj->getAuthority($_REQUEST['id'], $file_data_obj) >= $user_permission_obj->ADMIN_RIGHT && !@isset($revision_id) && !$file_data_obj->isArchived()) {
+    if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->ADMIN_RIGHT && !@isset($revision_id) && !$file_data_obj->isArchived()) {
         // if user is also the owner of the file AND file is not checked out
         // additional actions are available 
-        $edit_link = "edit.php?id=$_REQUEST[id]&state=" . ($_REQUEST['state'] + 1);
+        $edit_link = "edit.php?id=$request_id&state=" . ($state + 1);
         $GLOBALS['smarty']->assign('edit_link', $edit_link);
     }
 }
 
 ////end if ($status == 0)
 // ability to view revision history is always available 
 // put it outside the block
-$history_link = "history.php?id=$request_id&state=" . ($_REQUEST['state'] + 1);
-$comments_link = 'toBePublished.php?submit=comments&id=' . $_REQUEST['id'];
-$my_delete_link = 'delete.php?mode=tmpdel&id0=' . $_REQUEST['id'];
+$history_link = "history.php?id=$request_id&state=" . ($state + 1);
+$comments_link = 'toBePublished.php?submit=comments&id=' . $request_id;
+$my_delete_link = 'delete.php?mode=tmpdel&id0=' . $request_id;
 
 $GLOBALS['smarty']->assign('history_link', $history_link);
 $GLOBALS['smarty']->assign('comments_link', $comments_link);

diff --git a/file_ops.php b/file_ops.php
@@ -37,13 +37,13 @@
 }
 $flag = 0;
 if (isset($_GET['submit']) && $_GET['submit'] == 'view_checkedout') {
-    echo PHP_EOL . '<form name="table" action="' . e::h($_SERVER['PHP_SELF']) . '" method="POST">';
+    echo PHP_EOL . '<form name="table" action="file_ops.php" method="POST">';
     echo PHP_EOL . '<input name="submit" type="hidden" value="Clear Status">';
     draw_header(msg('label_checked_out_files'), $last_message);
 
     $file_id_array = $user_obj->getCheckedOutFiles();
 
-    $page_url = e::h($_SERVER['PHP_SELF']) . '?';
+    $page_url = 'file_ops.php?';
     $user_perm_obj = new UserPermission($_SESSION['uid'], $pdo);
     $list_status = list_files($file_id_array, $user_perm_obj, $GLOBALS['CONFIG']['dataDir'], true, true);
     if ($list_status != -1) {
@@ -59,7 +59,7 @@
             $file_obj->setStatus(0);
         }
     }
-    header('Location:' . e::h($_SERVER['PHP_SELF']) . '?state=2&submit=view_checkedout');
+    header('Location:file_ops.php?state=2&submit=view_checkedout');
 } else {
     echo 'Nothing to do';
 }
diff --git a/profile.php b/profile.php
@@ -34,7 +34,7 @@
 
 <html>
     <br><br>
-    <INPUT type="hidden" name="callee" value="<?php echo e::h($_SERVER['PHP_SELF']); ?>">
+    <INPUT type="hidden" name="callee" value="profile.php">
     <table name="list" align="center" border="0">
            <tr><td><a href="user.php?submit=Modify+User&item=<?php echo $_SESSION['uid']; ?>"><?php echo msg('profilepage_update_profile')?></a></td></tr>
                         </table>

diff --git a/rejects.php b/rejects.php
@@ -35,7 +35,6 @@
 
 if (!isset($_POST['submit'])) {
     draw_header(msg('message_documents_rejected'), $last_message);
-    $page_url = e::h($_SERVER['PHP_SELF']) . '?mode=' . @$_REQUEST['mode'];
 
     $user_obj = new User($_SESSION['uid'], $pdo);
     $user_perms_obj = new UserPermission($_SESSION['uid'], $pdo);
@@ -46,9 +45,9 @@
     }
 
     if (@$_REQUEST['mode']=='root') {
-        echo '<form name="author_note_form" action="' . e::h($_SERVER['PHP_SELF']) . '?mode=root"' . ' method="post">';
+        echo '<form name="author_note_form" action="rejects.php?mode=root" method="post">';
     } else {
-        echo '<form name="author_note_form" action="' . e::h($_SERVER['PHP_SELF']) . '" method="post">';
+        echo '<form name="author_note_form" action="rejects.php" method="post">';
     }
     ?>
 <table border="0">
@@ -84,7 +83,7 @@
            draw_footer();
 } elseif (isset($_POST['submit']) && $_POST['submit'] == 'resubmit') {
     if (!isset($_REQUEST['checkbox'])) {
-        header('Location: ' . e::h($_SERVER['PHP_SELF']) . '?last_message=' . urlencode(msg('message_you_did_not_enter_value')));
+        header('Location:rejects.php?last_message=' . urlencode(msg('message_you_did_not_enter_value')));
         exit;
     }
 
@@ -95,10 +94,10 @@
             $file_obj->Publishable(0);
         }
     }
-    header('Location:' . e::h($_SERVER['PHP_SELF']) . '?mode=' . urlencode(@$_REQUEST['mode']) . '&last_message='. urlencode(msg('message_file_authorized')));
+    header('Location:rejects.php?mode=' . urlencode(@$_REQUEST['mode']) . '&last_message='. urlencode(msg('message_file_authorized')));
 } elseif ($_POST['submit'] == 'delete') {
     if (!isset($_REQUEST['checkbox'])) {
-        header('Location: ' . e::h($_SERVER['PHP_SELF']) . '?last_message=' . urlencode(msg('message_you_did_not_enter_value')));
+        header('Location: rejects.php?last_message=' . urlencode(msg('message_you_did_not_enter_value')));
         exit;
     }
 

diff --git a/search.php b/search.php
@@ -50,8 +50,7 @@
     <p>
 
     <table border="0" cellspacing="5" cellpadding="5">
-        <form action=<?php echo e::h($_SERVER['PHP_SELF']);
-    ?> method="get">
+        <form action="search.php" method="get">
 
             <tr>
                 <td valign="top"><b><?php echo msg('label_search_term');

diff --git a/templates/common/add.tpl b/templates/common/add.tpl
@@ -3,7 +3,7 @@
 <script type="text/javascript" src="functions.js"></script>
 
 <!-- file upload formu using ENCTYPE -->
-<form id="addeditform" name="main" action="{$smarty.server.PHP_SELF|escape:'html'}" method="POST" enctype="multipart/form-data" onsubmit="return checksec();">
+<form id="addeditform" name="main" action="add.php" method="POST" enctype="multipart/form-data" onsubmit="return checksec();">
     <input type="hidden" id="db_prefix" value="{$db_prefix|escape:'html'}" />
 <table border="0" cellspacing="5" cellpadding="5">
 {assign var='i' value='0'}    

diff --git a/templates/common/commentform.tpl b/templates/common/commentform.tpl
@@ -2,9 +2,9 @@
                 {$g_lang_email_note_to_authors}
 		<form name="author_note_form"
 			{if $mode eq 'root'}
-			 action="{$smarty.server.PHP_SELF|escape:'html'}?mode=root" method="POST">
+			 action="toBePublished.php?mode=root" method="POST">
 			{else}
-			 action="{$smarty.server.PHP_SELF|escape:'html'}" method="POST">
+			 action="toBePublished.php" method="POST">
                         {/if}
 		<table name="author_note_table">
 		<tr>

diff --git a/templates/common/details.tpl b/templates/common/details.tpl
@@ -108,7 +108,7 @@
 	function my_delete()
 	{
 		if(window.confirm("{/literal}{$g_lang_detailspage_are_sure}{literal}")) {	
-		window.location = "{/literal}{$my_delete_link|escape}{literal}";
+		window.location = "{/literal}{$my_delete_link}{literal}";
 		}
 	}
 	function sendFields()

diff --git a/templates/views/access_log.php b/templates/views/access_log.php
@@ -1,6 +1,6 @@
 <?php use Aura\Html\Escaper as e; ?>
 <div id="filetable_wrapper">
-<form name="table" method="post" action="<?= e::h($_SERVER['PHP_SELF']) ?>">
+<form name="table" method="post" action="access_log.php">
     <table id="filetable" class="display" border="0" cellpadding="1" cellspacing="1">
     <thead>
         <tr>

diff --git a/toBePublished.php b/toBePublished.php
@@ -56,7 +56,7 @@
     }
 } elseif (isset($_REQUEST['submit']) && ($_REQUEST['submit'] =='commentAuthorize' || $_REQUEST['submit'] == 'commentReject')) {
     if (!isset($_REQUEST['checkbox'])) {
-        header('Location: ' . e::h($_SERVER['PHP_SELF']) . '?last_message=' . urlencode(msg('message_you_did_not_enter_value')));
+        header('Location: toBePublished.php?last_message=' . urlencode(msg('message_you_did_not_enter_value')));
     }
 
     draw_header(msg('label_comment'), $last_message);
@@ -178,7 +178,7 @@
             }
         } else {
             // If their user cannot reject this file_id, display error
-            header("Location:" . e::h($_SERVER[PHP_SELF]) . "?last_message=" .urlencode(msg('message_error_performing_action')));
+            header("Location:toBePublished.php?last_message=" .urlencode(msg('message_error_performing_action')));
         }
     }
     header("Location: out.php?last_message=" .urlencode(msg('message_file_rejected')));
@@ -259,7 +259,7 @@
             }
         } else {
             // If their user cannot authorize this file_id, display error
-            header("Location:" . e::h($_SERVER[PHP_SELF]) . "?last_message=" .urlencode(msg('message_error_performing_action')));
+            header("Location:toBePublished.php?last_message=" .urlencode(msg('message_error_performing_action')));
         }
     }
     header('Location: out.php?last_message=' .urlencode(msg('message_file_authorized')));