Skip to content
Permalink
Browse files

Retrieve parameters from $_POST in insert/edit pages

Signed-off-by: Maurício Meneghini Fauth <mauriciofauth@gmail.com>
  • Loading branch information...
mauriciofauth committed Jul 18, 2018
1 parent ca06ecc commit 3d9ed655cc6107bd0e8e6d5f5a5f58d0fc791564
Showing with 118 additions and 118 deletions.
  1. +47 −47 libraries/classes/InsertEdit.php
  2. +41 −41 tbl_replace.php
  3. +30 −30 test/classes/InsertEditTest.php
@@ -79,8 +79,8 @@ public function getFormParametersForInsertForm(
$_form_params['where_clause[' . $key_id . ']'] = trim($where_clause);
}
}
if (isset($_REQUEST['clause_is_unique'])) {
$_form_params['clause_is_unique'] = $_REQUEST['clause_is_unique'];
if (isset($_POST['clause_is_unique'])) {
$_form_params['clause_is_unique'] = $_POST['clause_is_unique'];
}
return $_form_params;
}
@@ -280,13 +280,13 @@ public function showTypeOrFunction($which, array $url_params, $is_show)
$this_url_params = array_merge($url_params, $params);
if (! $is_show) {
return ' : <a href="tbl_change.php'
. Url::getCommon($this_url_params) . '">'
return ' : <a href="tbl_change.php" data-post="'
. Url::getCommon($this_url_params, '') . '">'
. $this->showTypeOrFunctionLabel($which)
. '</a>';
}
return '<th><a href="tbl_change.php'
. Url::getCommon($this_url_params)
return '<th><a href="tbl_change.php" data-post="'
. Url::getCommon($this_url_params, '')
. '" title="' . __('Hide') . '">'
. $this->showTypeOrFunctionLabel($which)
. '</a></th>';
@@ -1120,7 +1120,7 @@ private function getDropDownDependingOnLength(
$html_output .= '<option value="' . $enum_value['html'] . '"';
if ($data == $enum_value['plain']
|| ($data == ''
&& (! isset($_REQUEST['where_clause']) || $column['Null'] != 'YES')
&& (! isset($_POST['where_clause']) || $column['Null'] != 'YES')
&& isset($column['Default'])
&& $enum_value['plain'] == $column['Default'])
) {
@@ -1176,7 +1176,7 @@ private function getRadioButtonDependingOnLength(
. ' ' . $onChangeClause;
if ($data == $enum_value['plain']
|| ($data == ''
&& (! isset($_REQUEST['where_clause']) || $column['Null'] != 'YES')
&& (! isset($_POST['where_clause']) || $column['Null'] != 'YES')
&& isset($column['Default'])
&& $enum_value['plain'] == $column['Default'])
) {
@@ -1737,7 +1737,7 @@ public function getContinueInsertionForm(
'err_url' => $err_url,
'goto' => $GLOBALS['goto'],
'sql_query' => isset($_POST['sql_query']) ? $_POST['sql_query'] : null,
'has_where_clause' => isset($_REQUEST['where_clause']),
'has_where_clause' => isset($_POST['where_clause']),
'insert_rows_default' => $GLOBALS['cfg']['InsertRows'],
]);
}
@@ -2019,8 +2019,8 @@ private function getSpecialCharsAndBackupFieldForExistingRow(
//when copying row, it is useful to empty auto-increment column
// to prevent duplicate key error
if (isset($_REQUEST['default_action'])
&& $_REQUEST['default_action'] === 'insert'
if (isset($_POST['default_action'])
&& $_POST['default_action'] === 'insert'
) {
if ($column['Key'] === 'PRI'
&& mb_strpos($column['Extra'], 'auto_increment') !== false
@@ -2099,29 +2099,29 @@ private function getSpecialCharsAndBackupFieldForInsertingMode(
*/
public function getParamsForUpdateOrInsert()
{
if (isset($_REQUEST['where_clause'])) {
if (isset($_POST['where_clause'])) {
// we were editing something => use the WHERE clause
$loop_array = is_array($_REQUEST['where_clause'])
? $_REQUEST['where_clause']
: array($_REQUEST['where_clause']);
$loop_array = is_array($_POST['where_clause'])
? $_POST['where_clause']
: array($_POST['where_clause']);
$using_key = true;
$is_insert = isset($_REQUEST['submit_type'])
&& ($_REQUEST['submit_type'] == 'insert'
|| $_REQUEST['submit_type'] == 'showinsert'
|| $_REQUEST['submit_type'] == 'insertignore');
$is_insert = isset($_POST['submit_type'])
&& ($_POST['submit_type'] == 'insert'
|| $_POST['submit_type'] == 'showinsert'
|| $_POST['submit_type'] == 'insertignore');
} else {
// new row => use indexes
$loop_array = array();
if (! empty($_REQUEST['fields'])) {
foreach ($_REQUEST['fields']['multi_edit'] as $key => $dummy) {
if (! empty($_POST['fields'])) {
foreach ($_POST['fields']['multi_edit'] as $key => $dummy) {
$loop_array[] = $key;
}
}
$using_key = false;
$is_insert = true;
}
$is_insertignore = isset($_REQUEST['submit_type'])
&& $_REQUEST['submit_type'] == 'insertignore';
$is_insertignore = isset($_POST['submit_type'])
&& $_POST['submit_type'] == 'insertignore';
return array($loop_array, $using_key, $is_insert, $is_insertignore);
}
@@ -2133,11 +2133,11 @@ public function getParamsForUpdateOrInsert()
*/
public function isInsertRow()
{
if (isset($_REQUEST['insert_rows'])
&& is_numeric($_REQUEST['insert_rows'])
&& $_REQUEST['insert_rows'] != $GLOBALS['cfg']['InsertRows']
if (isset($_POST['insert_rows'])
&& is_numeric($_POST['insert_rows'])
&& $_POST['insert_rows'] != $GLOBALS['cfg']['InsertRows']
) {
$GLOBALS['cfg']['InsertRows'] = $_REQUEST['insert_rows'];
$GLOBALS['cfg']['InsertRows'] = $_POST['insert_rows'];
$response = Response::getInstance();
$header = $response->getHeader();
$scripts = $header->getScripts();
@@ -2197,8 +2197,8 @@ public function setSessionForEditNext($one_where_clause)
public function getGotoInclude($goto_include)
{
$valid_options = array('new_insert', 'same_insert', 'edit_next');
if (isset($_REQUEST['after_insert'])
&& in_array($_REQUEST['after_insert'], $valid_options)
if (isset($_POST['after_insert'])
&& in_array($_POST['after_insert'], $valid_options)
) {
$goto_include = 'tbl_change.php';
} elseif (! empty($GLOBALS['goto'])) {
@@ -2232,8 +2232,8 @@ public function getGotoInclude($goto_include)
*/
public function getErrorUrl(array $url_params)
{
if (isset($_REQUEST['err_url'])) {
return $_REQUEST['err_url'];
if (isset($_POST['err_url'])) {
return $_POST['err_url'];
}
return 'tbl_change.php' . Url::getCommon($url_params);
@@ -2242,7 +2242,7 @@ public function getErrorUrl(array $url_params)
/**
* Builds the sql query
*
* @param boolean $is_insertignore $_REQUEST['submit_type'] == 'insertignore'
* @param boolean $is_insertignore $_POST['submit_type'] == 'insertignore'
* @param array $query_fields column names array
* @param array $value_sets array of query values
*
@@ -2292,7 +2292,7 @@ public function executeSqlQuery(array $url_params, array $query)
$error_messages = array();
foreach ($query as $single_query) {
if ($_REQUEST['submit_type'] == 'showinsert') {
if ($_POST['submit_type'] == 'showinsert') {
$last_messages[] = Message::notice(__('Showing SQL query'));
continue;
}
@@ -2482,7 +2482,7 @@ public function transformEditedValues(
$_url_params = array(
'db' => $db,
'table' => $table,
'where_clause' => $_REQUEST['where_clause'],
'where_clause' => $_POST['where_clause'],
'transform_key' => $column_name
);
$transform_options = Transformations::getOptions(
@@ -2719,10 +2719,10 @@ public function getCurrentValueForDifferentTypes(
$current_value = "''";
}
} elseif ($type == 'set') {
if (! empty($_REQUEST['fields']['multi_edit'][$rownumber][$key])) {
if (! empty($_POST['fields']['multi_edit'][$rownumber][$key])) {
$current_value = implode(
',',
$_REQUEST['fields']['multi_edit'][$rownumber][$key]
$_POST['fields']['multi_edit'][$rownumber][$key]
);
$current_value = "'"
. $this->dbi->escapeString($current_value) . "'";
@@ -2803,7 +2803,7 @@ public function verifyWhetherValueCanBeTruncatedAndAppendExtraData(
. Util::backquote($column_name)
. ' FROM ' . Util::backquote($db) . '.'
. Util::backquote($table)
. ' WHERE ' . $_REQUEST['where_clause'][0];
. ' WHERE ' . $_POST['where_clause'][0];
$result = $this->dbi->tryQuery($sql_for_real_value);
$fields_meta = $this->dbi->getFieldsMeta($result);
@@ -2849,23 +2849,23 @@ public function getTableColumns($db, $table)
*/
public function determineInsertOrEdit($where_clause, $db, $table)
{
if (isset($_REQUEST['where_clause'])) {
$where_clause = $_REQUEST['where_clause'];
if (isset($_POST['where_clause'])) {
$where_clause = $_POST['where_clause'];
}
if (isset($_SESSION['edit_next'])) {
$where_clause = $_SESSION['edit_next'];
unset($_SESSION['edit_next']);
$after_insert = 'edit_next';
}
if (isset($_REQUEST['ShowFunctionFields'])) {
$GLOBALS['cfg']['ShowFunctionFields'] = $_REQUEST['ShowFunctionFields'];
if (isset($_POST['ShowFunctionFields'])) {
$GLOBALS['cfg']['ShowFunctionFields'] = $_POST['ShowFunctionFields'];
}
if (isset($_REQUEST['ShowFieldTypesInDataEditView'])) {
if (isset($_POST['ShowFieldTypesInDataEditView'])) {
$GLOBALS['cfg']['ShowFieldTypesInDataEditView']
= $_REQUEST['ShowFieldTypesInDataEditView'];
= $_POST['ShowFieldTypesInDataEditView'];
}
if (isset($_REQUEST['after_insert'])) {
$after_insert = $_REQUEST['after_insert'];
if (isset($_POST['after_insert'])) {
$after_insert = $_POST['after_insert'];
}
if (isset($where_clause)) {
@@ -2890,8 +2890,8 @@ public function determineInsertOrEdit($where_clause, $db, $table)
// Copying a row - fetched data will be inserted as a new row,
// therefore the where clause is needless.
if (isset($_REQUEST['default_action'])
&& $_REQUEST['default_action'] === 'insert'
if (isset($_POST['default_action'])
&& $_POST['default_action'] === 'insert'
) {
$where_clause = $where_clauses = null;
}

0 comments on commit 3d9ed65

Please sign in to comment.
You can’t perform that action at this time.