public function ActionEdit(http\Request $request, http\Response $response)
{
- $field = new bugdar\Field(bugdar::$input->InputClean('g', 'field', http\Input::TYPE_STR));
+ $field = new bugdar\Field(filter_input(INPUT_GET, 'field', FILTER_SANITIZE_STRING));
$response->data['field'] = $field->Fetch();
$response->context['template'] = 'admin_fields_edit';
}
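Review bot: `FILTER_SANITIZE_STRING` on the added line is an HTML-oriented filter (it strips tags and encodes quotes) and is deprecated since PHP 8.1, so it rewrites the `field` key instead of validating it. `filter_input()` also returns `null` when the parameter is absent and `false` when the filter fails, and either value goes straight into `new bugdar\Field(...)`. The same call is added for the admin session cookie in the `adminsession` lookup further down, where the bound `?` parameter already makes escaping unnecessary and a missing cookie still runs the query. I would read the raw value and check it explicitly, e.g. `$name = filter_input(INPUT_GET, 'field', FILTER_UNSAFE_RAW);` followed by `if (!is_string($name) || $name === '') { /* reject the request */ }`, and leave HTML escaping to the template. How `Field` treats a non-string argument is not visible in this hunk.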
protected function _GetActionMethod(http\Request $request)
{
$method = parent::_GetActionMethod($request);
- if ($method === NULL)
- return 'ActionList';
- return $method;
+ return $method ? $method : 'ActionList';
}
}
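Review bot: The new `return $method ? $method : 'ActionList';` tests truthiness where the removed lines tested `=== NULL`, so an empty string or `'0'` from `parent::_GetActionMethod()` now also falls back to `ActionList`. If only a missing method should default, `return $method ?? 'ActionList';` keeps the old semantics. If the wider fallback is intended, `return $method ?: 'ActionList';` says so more directly, and a one-line comment stating that any falsy result means "list" would help. What the parent can return is not visible in this hunk.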
if (can_perform('canadminpanel')) {
$stmt = bugdar::$db->Prepare("SELECT * FROM ". TABLE_PREFIX . "adminsession WHERE sessionid = ?");
- $stmt->Execute(array(bugdar::$input->InputClean('c', $cookie, http\Input::TYPE_STR)));
+ $stmt->Execute([ filter_input(INPUT_COOKIE, $cookie, FILTER_SANITIZE_STRING) ]);
$session = $stmt->FetchObject();
if ($session && $session->userid == bugdar::$user['userid'] && $session->dateline >= TIMENOW - 3600) {
use \bugdar;
use \hoplite\http;
-require_once HOPLITE_ROOT . '/http/action.php';
+require_once HOPLITE_ROOT . '/http/rest_action.php';
require_once BUGDAR_ROOT . '/includes/functions_datastore.php';
-class SettingsAction extends http\Action implements TemplatePreCaching
+class SettingsAction extends http\RestAction implements TemplatePreCaching
{
public function TemplateSet()
{
- return array('admin_settings');
+ return ['admin_settings'];
}
- public function Invoke(http\Request $request, http\Response $response)
+ public function DoGet(http\Request $request, http\Response $response)
{
// TODO(port): global.
global $bugsys;
$response->context['template'] = 'admin_settings';
$response->data['timezone_list'] = $bugsys->datef->fetch_timezone_list();
+ }
- // Save settings on POST.
- if ($request->http_method == 'POST') {
- $query_bits = array();
- $values = array();
- foreach ($request->data['_POST']['settings'] AS $varname => $value) {
- $query_bits[] = '(?,?)';
- array_push($values, $varname, $value);
- }
+ public function DoPost(http\Request $request, http\Response $response)
+ {
+ $query_bits = array();
+ $values = array();
+ foreach ($request->data['_POST']['settings'] AS $varname => $value) {
+ $query_bits[] = '(?,?)';
+ array_push($values, $varname, $value);
+ }
- $query = bugdar::$db->Prepare("
- REPLACE into " . TABLE_PREFIX . "setting
- (varname, value)
- VALUES " . implode(', ', $query_bits));
- $query->Execute($values);
+ $query = bugdar::$db->Prepare("
+ REPLACE into " . TABLE_PREFIX . "setting
+ (varname, value)
+ VALUES " . implode(', ', $query_bits));
+ $query->Execute($values);
- build_settings();
+ build_settings();
- $this->controller()->StopWithRedirect($this->controller()->MakeURL('/settings'));
- }
+ $this->controller()->StopWithRedirect($this->controller()->MakeURL('/settings'));
}
}
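Review bot: `DoPost` iterates `$request->data['_POST']['settings']` without checking that it exists, is an array, or is non-empty. A POST without that key leaves `$query_bits` empty, so the `REPLACE ... VALUES` statement is prepared with no tuples, and a nested value such as `settings[x][]` is bound as an array. Every posted key is also written to the `setting` table as a `varname`; no allow-list of known setting names is visible here, and if none exists an admin-panel POST can create arbitrary rows that `build_settings()` then loads. The sketch below adds only the shape checks; the allow-list belongs next to them once the list of valid names is known. A docblock on `DoGet` and `DoPost` stating that the split relies on `http\RestAction` dispatching by HTTP method would also help, since the removed `Invoke` handled both.

```php
public function DoPost(http\Request $request, http\Response $response)
{
    $settings = $request->data['_POST']['settings'] ?? [];
    if (!is_array($settings)) {
        $settings = [];
    }
    // … unchanged: $query_bits / $values initialisation …
    foreach ($settings as $varname => $value) {
        if (!is_scalar($value)) {
            continue;  // nested arrays cannot be bound to a single placeholder
        }
        // … unchanged: append '(?,?)' and push $varname, $value …
    }
    if ($query_bits !== []) {
        // … unchanged: Prepare REPLACE, Execute($values), build_settings() …
    }
    // … unchanged: StopWithRedirect to /settings …
}
```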