From 83db9988a626bfb20a6c322839898131a88416cf Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Thu, 26 Jun 2008 11:04:19 -0400 Subject: [PATCH] Change $bugsys->input_clean to $input->inputClean --- admin/field.php | 2 +- admin/language.php | 2 +- admin/permission.php | 10 +++++----- admin/priority.php | 2 +- admin/product.php | 28 ++++++++++++++-------------- admin/resolution.php | 2 +- admin/severity.php | 2 +- admin/status.php | 2 +- admin/user.php | 8 ++++---- admin/usergroup.php | 14 +++++++------- attachment.php | 6 +++--- editreport.php | 4 ++-- favorite.php | 2 +- install/convert_database_charset.php | 2 +- install/global.php | 2 +- login.php | 2 +- register.php | 2 +- search.php | 26 +++++++++++++------------- showhistory.php | 2 +- showreport.php | 2 +- userctrl.php | 8 ++++---- viewattachment.php | 2 +- vote.php | 4 ++-- 23 files changed, 68 insertions(+), 68 deletions(-) diff --git a/admin/field.php b/admin/field.php index 2ebb761..e2ed38f 100644 --- a/admin/field.php +++ b/admin/field.php @@ -122,7 +122,7 @@ if ($_REQUEST['do'] == 'update') $fieldid = $field->values['fieldid']; } - $bugsys->input_clean('custom', TYPE_UINT); + $input->inputClean('custom', TYPE_UINT); foreach ($bugsys->in['custom'] AS $usergroupid => $mask) { $values[] = $bugsys->clean($usergroupid, TYPE_UINT) . ", $fieldid, " . $mask; diff --git a/admin/language.php b/admin/language.php index 9d813d8..7fb56d0 100644 --- a/admin/language.php +++ b/admin/language.php @@ -56,7 +56,7 @@ if ($_REQUEST['do'] == 'kill') if ($_REQUEST['do'] == 'delete') { - $admin->page_confirm(T('Are you sure you want to delete this language?'), 'language.php', 'kill', array('languageid' => $bugsys->input_clean('languageid', TYPE_UINT))); + $admin->page_confirm(T('Are you sure you want to delete this language?'), 'language.php', 'kill', array('languageid' => $input->inputClean('languageid', TYPE_UINT))); } // ################################################################### diff --git a/admin/permission.php b/admin/permission.php index a0d1208..7075a3b 100755 --- a/admin/permission.php +++ b/admin/permission.php @@ -75,8 +75,8 @@ if (empty($_REQUEST['do'])) if ($_REQUEST['do'] == 'kill') { - $bugsys->input_clean('usergroupid', TYPE_UINT); - $db->query("DELETE FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $bugsys->in['usergroupid'] . " AND productid = " . $bugsys->input_clean('productid', TYPE_UINT)); + $input->inputClean('usergroupid', TYPE_UINT); + $db->query("DELETE FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $bugsys->in['usergroupid'] . " AND productid = " . $input->inputClean('productid', TYPE_UINT)); build_permissions(); @@ -87,14 +87,14 @@ if ($_REQUEST['do'] == 'kill') if ($_REQUEST['do'] == 'delete') { - $admin->page_confirm(T('Are you sure you want to revert this permission mask?'), 'permission.php', 'kill', array('usergroupid' => $bugsys->input_clean('usergroupid', TYPE_UINT), 'productid' => $bugsys->input_clean('productid', TYPE_UINT))); + $admin->page_confirm(T('Are you sure you want to revert this permission mask?'), 'permission.php', 'kill', array('usergroupid' => $input->inputClean('usergroupid', TYPE_UINT), 'productid' => $input->inputClean('productid', TYPE_UINT))); } // ################################################################### if ($_REQUEST['do'] == 'edit') { - $bugsys->input_clean_array(array( + $input->inputClean_array(array( 'usergroupid' => TYPE_UINT, 'productid' => TYPE_UINT )); @@ -146,7 +146,7 @@ if ($_REQUEST['do'] == 'edit') if ($_POST['do'] == 'update') { - $bugsys->input_clean_array(array( + $input->inputClean_array(array( 'perm' => TYPE_UINT, 'usergroupid' => TYPE_UINT, 'productid' => TYPE_UINT diff --git a/admin/priority.php b/admin/priority.php index 7da2551..c84cbbb 100755 --- a/admin/priority.php +++ b/admin/priority.php @@ -56,7 +56,7 @@ if ($_REQUEST['do'] == 'kill') if ($_REQUEST['do'] == 'delete') { - $admin->page_confirm(T('Are you sure you want to delete this priority? Doing so will revert all bugs to the default priority (which is set in the options panel)?'), 'priority.php', 'kill', array('priorityid' => $bugsys->input_clean('priorityid', TYPE_UINT))); + $admin->page_confirm(T('Are you sure you want to delete this priority? Doing so will revert all bugs to the default priority (which is set in the options panel)?'), 'priority.php', 'kill', array('priorityid' => $input->inputClean('priorityid', TYPE_UINT))); } // ################################################################### diff --git a/admin/product.php b/admin/product.php index 5f13e3d..34c9658 100755 --- a/admin/product.php +++ b/admin/product.php @@ -79,7 +79,7 @@ if (empty($_REQUEST['do'])) if ($_REQUEST['do'] == 'killversion') { - $bugsys->input_clean('versionid', TYPE_UINT); + $input->inputClean('versionid', TYPE_UINT); $db->query("DELETE FROM " . TABLE_PREFIX . "version WHERE versionid = " . $bugsys->in['versionid']); $db->query("DELETE FROM " . TABLE_PREFIX . "bug WHERE version = " . $bugsys->in['versionid']); @@ -92,14 +92,14 @@ if ($_REQUEST['do'] == 'killversion') if ($_REQUEST['do'] == 'deleteversion') { - $admin->page_confirm(T('Are you sure you want to delete this version? Doing so will do delete all the bugs with this version.'), 'product.php', 'killversion', array('versionid' => $bugsys->input_clean('versionid', TYPE_UINT))); + $admin->page_confirm(T('Are you sure you want to delete this version? Doing so will do delete all the bugs with this version.'), 'product.php', 'killversion', array('versionid' => $input->inputClean('versionid', TYPE_UINT))); } // ################################################################### if ($_REQUEST['do'] == 'insertversion') { - $db->query("INSERT INTO " . TABLE_PREFIX . "version (productid, version, displayorder, obsolete) VALUES (" . $bugsys->input_clean('productid', TYPE_UINT) . ", '" . $bugsys->input_escape('version') . "', " . $bugsys->input_clean('displayorder', TYPE_UINT) . ", " . $bugsys->input_clean('obsolete', TYPE_UINT) . ")"); + $db->query("INSERT INTO " . TABLE_PREFIX . "version (productid, version, displayorder, obsolete) VALUES (" . $input->inputClean('productid', TYPE_UINT) . ", '" . $bugsys->input_escape('version') . "', " . $input->inputClean('displayorder', TYPE_UINT) . ", " . $input->inputClean('obsolete', TYPE_UINT) . ")"); build_versions(); $admin->redirect('product.php?do=modify'); } @@ -108,7 +108,7 @@ if ($_REQUEST['do'] == 'insertversion') if ($_REQUEST['do'] == 'addversion') { - NavLinks::productsEdit($bugsys->input_clean('productid', TYPE_UINT)); + NavLinks::productsEdit($input->inputClean('productid', TYPE_UINT)); $navigator->set_focus('link', 'products-edit-version', 'products-edit'); if ($bugsys->in['productid'] != -1) @@ -149,7 +149,7 @@ if ($_REQUEST['do'] == 'updateversion') $admin->error(T('Please fill in a version number.')); } - $db->query("UPDATE " . TABLE_PREFIX . "version SET version = '" . $bugsys->input_escape('version') . "', displayorder = " . $bugsys->input_clean('displayorder', TYPE_UINT) . ", obsolete = " . $bugsys->input_clean('obsolete', TYPE_UINT) . " WHERE versionid = " . $bugsys->input_clean('versionid', TYPE_UINT)); + $db->query("UPDATE " . TABLE_PREFIX . "version SET version = '" . $bugsys->input_escape('version') . "', displayorder = " . $input->inputClean('displayorder', TYPE_UINT) . ", obsolete = " . $input->inputClean('obsolete', TYPE_UINT) . " WHERE versionid = " . $input->inputClean('versionid', TYPE_UINT)); build_versions(); $admin->redirect('product.php?do=modify'); @@ -161,7 +161,7 @@ if ($_REQUEST['do'] == 'editversion') { $admin->page_start(T('Edit Version')); - $version = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "version WHERE versionid = " . $bugsys->input_clean('versionid', TYPE_UINT)); + $version = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "version WHERE versionid = " . $input->inputClean('versionid', TYPE_UINT)); if (!is_array($version)) { $admin->error(L_INVALID_ID); @@ -185,7 +185,7 @@ if ($_REQUEST['do'] == 'editversion') if ($_REQUEST['do'] == 'killproduct') { - $bugsys->input_clean('productid', TYPE_UINT); + $input->inputClean('productid', TYPE_UINT); $allprods = $db->query("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = " . $bugsys->in['productid'] . " OR parentid = " . $bugsys->in['productid']); foreach ($allprods as $prod) { @@ -205,7 +205,7 @@ if ($_REQUEST['do'] == 'killproduct') if ($_REQUEST['do'] == 'deleteproduct') { - $admin->page_confirm(T('Are you sure you want to delete this product and all of it\'s versions and components and any bugs that have been assigned those products or components?'), 'product.php', 'killproduct', array('productid' => $bugsys->input_clean('productid', TYPE_UINT))); + $admin->page_confirm(T('Are you sure you want to delete this product and all of it\'s versions and components and any bugs that have been assigned those products or components?'), 'product.php', 'killproduct', array('productid' => $input->inputClean('productid', TYPE_UINT))); } // ################################################################### @@ -221,8 +221,8 @@ if ($_REQUEST['do'] == 'insertproduct') INSERT INTO " . TABLE_PREFIX . "product (title, parentid, description, displayorder) VALUES - ('" . $bugsys->input_escape('title') . "', " . $bugsys->input_clean('parentid', TYPE_UINT) . ", - '" . $bugsys->input_escape('description') . "', " . $bugsys->input_clean('displayorder', TYPE_UINT) . " + ('" . $bugsys->input_escape('title') . "', " . $input->inputClean('parentid', TYPE_UINT) . ", + '" . $bugsys->input_escape('description') . "', " . $input->inputClean('displayorder', TYPE_UINT) . " )" ); build_products(); @@ -234,7 +234,7 @@ if ($_REQUEST['do'] == 'insertproduct') if ($_REQUEST['do'] == 'addproduct') { - if ($bugsys->input_clean('productid', TYPE_UINT)) + if ($input->inputClean('productid', TYPE_UINT)) { NavLinks::productsEdit($bugsys->in['productid']); } @@ -274,7 +274,7 @@ if ($_REQUEST['do'] == 'updateproduct') $admin->error(L_INVALID_ID); } - $db->query("UPDATE " . TABLE_PREFIX . "product SET title = '" . $bugsys->input_escape('title') . "', description = '" . $bugsys->input_escape('description') . "', displayorder = " . $bugsys->input_clean('displayorder', TYPE_UINT) . " WHERE productid = " . $bugsys->input_clean('productid', TYPE_UINT)); + $db->query("UPDATE " . TABLE_PREFIX . "product SET title = '" . $bugsys->input_escape('title') . "', description = '" . $bugsys->input_escape('description') . "', displayorder = " . $input->inputClean('displayorder', TYPE_UINT) . " WHERE productid = " . $input->inputClean('productid', TYPE_UINT)); build_products(); $admin->redirect('product.php?do=modify'); @@ -284,7 +284,7 @@ if ($_REQUEST['do'] == 'updateproduct') if ($_REQUEST['do'] == 'editproduct') { - NavLinks::productsEdit($bugsys->input_clean('productid', TYPE_UINT)); + NavLinks::productsEdit($input->inputClean('productid', TYPE_UINT)); $navigator->set_focus('link', 'products-edit', 'products-edit'); $admin->page_start(T('Edit Product')); @@ -313,7 +313,7 @@ if ($_REQUEST['do'] == 'editproduct') if ($_POST['do'] == 'displayorder') { - $bugsys->input_clean('displayorder', TYPE_UINT); + $input->inputClean('displayorder', TYPE_UINT); if (is_array($bugsys->in['displayorder'])) { foreach ($bugsys->in['displayorder'] AS $namebit => $displayorder) diff --git a/admin/resolution.php b/admin/resolution.php index 514709f..18c827b 100755 --- a/admin/resolution.php +++ b/admin/resolution.php @@ -56,7 +56,7 @@ if ($_REQUEST['do'] == 'kill') if ($_REQUEST['do'] == 'delete') { - $admin->page_confirm(T('Are you sure you want to delete this resolution? Doing so will revert all bugs to the default resolution (which is set in the options panel)?'), 'resolution.php', 'kill', array('resolutionid' => $bugsys->input_clean('resolutionid', TYPE_UINT))); + $admin->page_confirm(T('Are you sure you want to delete this resolution? Doing so will revert all bugs to the default resolution (which is set in the options panel)?'), 'resolution.php', 'kill', array('resolutionid' => $input->inputClean('resolutionid', TYPE_UINT))); } // ################################################################### diff --git a/admin/severity.php b/admin/severity.php index abdf148..50876ef 100755 --- a/admin/severity.php +++ b/admin/severity.php @@ -56,7 +56,7 @@ if ($_REQUEST['do'] == 'kill') if ($_REQUEST['do'] == 'delete') { - $admin->page_confirm(T('Are you sure you want to delete this severity? Doing so will revert all bugs to the default severity (which is set in the options panel)?'), 'severity.php', 'kill', array('severityid' => $bugsys->input_clean('severityid', TYPE_UINT))); + $admin->page_confirm(T('Are you sure you want to delete this severity? Doing so will revert all bugs to the default severity (which is set in the options panel)?'), 'severity.php', 'kill', array('severityid' => $input->inputClean('severityid', TYPE_UINT))); } // ################################################################### diff --git a/admin/status.php b/admin/status.php index 3d2a7ab..26b04da 100755 --- a/admin/status.php +++ b/admin/status.php @@ -56,7 +56,7 @@ if ($_REQUEST['do'] == 'kill') if ($_REQUEST['do'] == 'delete') { - $admin->page_confirm(T('Are you sure you want to delete this status? Doing so will revert all bugs to the default status (which is set in the options panel)?'), 'status.php', 'kill', array('statusid' => $bugsys->input_clean('statusid', TYPE_UINT))); + $admin->page_confirm(T('Are you sure you want to delete this status? Doing so will revert all bugs to the default status (which is set in the options panel)?'), 'status.php', 'kill', array('statusid' => $input->inputClean('statusid', TYPE_UINT))); } // ################################################################### diff --git a/admin/user.php b/admin/user.php index 13ff1d7..0f790a1 100644 --- a/admin/user.php +++ b/admin/user.php @@ -73,7 +73,7 @@ if ($_REQUEST['do'] == 'kill') if ($_REQUEST['do'] == 'delete') { - $admin->page_confirm(T('Are you sure you want to delete this user?'), 'user.php', 'kill', array('userid' => $bugsys->input_clean('userid', TYPE_UINT))); + $admin->page_confirm(T('Are you sure you want to delete this user?'), 'user.php', 'kill', array('userid' => $input->inputClean('userid', TYPE_UINT))); } // ################################################################### @@ -99,7 +99,7 @@ if ($_POST['do'] == 'insert') // post_insert will set the email options... so we now have to dump them $db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $user->insertid); - $bugsys->input_clean('emailopts', TYPE_INT); + $input->inputClean('emailopts', TYPE_INT); if (is_array($bugsys->in['emailopts'])) { foreach ($bugsys->in['emailopts'] AS $relation => $bitarr) @@ -139,7 +139,7 @@ if ($_POST['do'] == 'update') $user->update(); $db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $user->values['userid']); - $bugsys->input_clean('emailopts', TYPE_INT); + $input->inputClean('emailopts', TYPE_INT); if (is_array($bugsys->in['emailopts'])) { foreach ($bugsys->in['emailopts'] AS $relation => $bitarr) @@ -330,7 +330,7 @@ if ($_REQUEST['do'] == 'search') if (is_numeric($bugsys->in['userdata'])) { - $bugsys->input_clean('userdata', TYPE_UINT); + $input->inputClean('userdata', TYPE_UINT); if ($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . $bugsys->in['userdata'])) { header('Location: user.php?do=edit&userid=' . $bugsys->in['userdata']); diff --git a/admin/usergroup.php b/admin/usergroup.php index 3f0bc58..9ad4975 100755 --- a/admin/usergroup.php +++ b/admin/usergroup.php @@ -213,7 +213,7 @@ if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit' OR $_REQUEST['do'] == if ($_POST['do'] == 'insert') { - $bugsys->input_clean('perm', TYPE_UINT); + $input->inputClean('perm', TYPE_UINT); foreach ($bugsys->in['perm'] AS $permtitle => $binaryswitch) { $permissionvalue += $bugsys->permissions["$permtitle"] * $binaryswitch; @@ -225,7 +225,7 @@ if ($_POST['do'] == 'insert') $usergroup->set('permissions', $permissionvalue); $usergroup->insert(); - $bugsys->input_clean('custom', TYPE_UINT); + $input->inputClean('custom', TYPE_UINT); if (is_array($bugsys->in['custom'])) { foreach ($bugsys->in['custom'] AS $fieldid => $mask) @@ -246,7 +246,7 @@ if ($_POST['do'] == 'insert') } // copy product permissions from cloning - if ($bugsys->input_clean('cloneid', TYPE_UINT)) + if ($input->inputClean('cloneid', TYPE_UINT)) { $prodperms = $db->query("SELECT * FROM " . TABLE_PREFIX . "permission WHERE usergroupid = " . $bugsys->in['cloneid']); foreach ($prodperms as $prod) @@ -263,12 +263,12 @@ if ($_POST['do'] == 'insert') if ($_POST['do'] == 'update') { - $bugsys->input_clean_array(array( + $input->inputClean_array(array( 'perm' => TYPE_UINT, 'usergroupid' => TYPE_UINT, 'custom' => TYPE_UINT )); - $bugsys->input_clean('perm', TYPE_UINT); + $input->inputClean('perm', TYPE_UINT); foreach ($bugsys->in['perm'] AS $permtitle => $binaryswitch) { $permissionvalue += $bugsys->permissions["$permtitle"] * $binaryswitch; @@ -282,7 +282,7 @@ if ($_POST['do'] == 'update') $usergroup->set('permissions', $permissionvalue); $usergroup->update(); - $bugsys->input_clean('custom', TYPE_UINT); + $input->inputClean('custom', TYPE_UINT); if (is_array($bugsys->in['custom'])) { foreach ($bugsys->in['custom'] AS $fieldid => $mask) @@ -309,7 +309,7 @@ if ($_POST['do'] == 'update') if ($_POST['do'] == 'doapprove') { - $bugsys->input_clean('approve', TYPE_UINT); + $input->inputClean('approve', TYPE_UINT); $idlist = array(); if (is_array($bugsys->in['approve'])) diff --git a/attachment.php b/attachment.php index 61848d8..8bda1b6 100755 --- a/attachment.php +++ b/attachment.php @@ -38,14 +38,14 @@ APIError(array(new API_Error_Handler($message), 'user_cumulative')); if (isset($bugsys->in['attachmentid'])) { - $attachment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . $bugsys->input_clean('attachmentid', TYPE_UINT)); + $attachment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . $input->inputClean('attachmentid', TYPE_UINT)); if (!$attachment) { $message->error(L_INVALID_ID); } } -$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . (($attachment['attachmentid']) ? $attachment['bugid'] : $bugsys->input_clean('bugid', TYPE_UINT))); +$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . (($attachment['attachmentid']) ? $attachment['bugid'] : $input->inputClean('bugid', TYPE_UINT))); if (!$bug) { $message->error(L_INVALID_ID); @@ -116,7 +116,7 @@ if ($_POST['do'] == 'insert') { $attachapi->insert(); - $obsoletes = $bugsys->input_clean('obsoletes', TYPE_UINT); + $obsoletes = $input->inputClean('obsoletes', TYPE_UINT); $notif->send_new_attachment_notice($attachapi->values, $obsoletes, $attachapi->insertid); diff --git a/editreport.php b/editreport.php index 4da9a13..637b753 100644 --- a/editreport.php +++ b/editreport.php @@ -37,7 +37,7 @@ $bug = $db->query_first(" FROM " . TABLE_PREFIX . "bug AS bug LEFT JOIN " . TABLE_PREFIX . "user AS user ON (bug.userid = user.userid) - WHERE bug.bugid = " . $bugsys->input_clean('bugid', TYPE_UINT) + WHERE bug.bugid = " . $input->inputClean('bugid', TYPE_UINT) ); if (!$bug) @@ -104,7 +104,7 @@ if ($_POST['do'] == 'update') // handle automations if ($bugsys->in['automation']) { - $automation = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "automation WHERE actionid = " . $bugsys->input_clean('automation', TYPE_UINT)); + $automation = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "automation WHERE actionid = " . $input->inputClean('automation', TYPE_UINT)); if ($automation) { $automation['fields'] = unserialize($automation['fieldchanges']); diff --git a/favorite.php b/favorite.php index afa6bff..bec6abe 100644 --- a/favorite.php +++ b/favorite.php @@ -41,7 +41,7 @@ require_once('./includes/class_sort.php'); if ($_REQUEST['do'] == 'handle') { - $bugsys->input_clean('bugid', TYPE_UINT); + $input->inputClean('bugid', TYPE_UINT); $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . $bugsys->in['bugid']); if (!check_bug_permissions($bug)) { diff --git a/install/convert_database_charset.php b/install/convert_database_charset.php index 190c730..cc8d6ee 100644 --- a/install/convert_database_charset.php +++ b/install/convert_database_charset.php @@ -29,7 +29,7 @@ define('ISSO_PRINTER_NO_NAVIGATION', 1); // you can change what you want to conver to here define('TARGET', 'utf8_general_ci'); -$bugsys->input_clean('step', TYPE_UINT); +$input->inputClean('step', TYPE_UINT); // columns to convert per table $columnConversions = array(); diff --git a/install/global.php b/install/global.php index 554bf2a..6f20ef2 100644 --- a/install/global.php +++ b/install/global.php @@ -104,7 +104,7 @@ $bugsys->versions = array( $bugsys->load('installer', null); -$bugsys->input_clean('mark', TYPE_UINT); +$input->inputClean('mark', TYPE_UINT); if ($bugsys->in['mark'] == STOP_MARK) { diff --git a/login.php b/login.php index ef16205..4e8a0fa 100755 --- a/login.php +++ b/login.php @@ -53,7 +53,7 @@ if (empty($_REQUEST['do'])) if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin') { - $keeplogin = $bugsys->input_clean('rememberme', TYPE_BOOL); + $keeplogin = $input->inputClean('rememberme', TYPE_BOOL); if ($_POST['cplogin']) { $keeplogin = 0; diff --git a/register.php b/register.php index 720f8bf..a27a0e8 100755 --- a/register.php +++ b/register.php @@ -162,7 +162,7 @@ if (empty($_REQUEST['do'])) if ($_REQUEST['do'] == 'activate') { - $bugsys->input_clean('userid', TYPE_UINT); + $input->inputClean('userid', TYPE_UINT); if ($useractivation = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $bugsys->in['userid'] . " AND activator = '" . $bugsys->input_escape('activator') . "'")) { $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . $bugsys->in['userid']); diff --git a/search.php b/search.php index 1ad8f0e..6107256 100644 --- a/search.php +++ b/search.php @@ -76,7 +76,7 @@ if ($_REQUEST['do'] == 'search') } else if ($bugsys->in['searchid']) { - $cachedsearch = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); + $cachedsearch = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); } else if (bugdar::$userinfo['userid']) { @@ -251,35 +251,35 @@ if ($_REQUEST['do'] == 'process') // severity if ($bugsys->in['severity']) { - $bugsys->input_clean('severity', TYPE_UINT); + $input->inputClean('severity', TYPE_UINT); $querybuild['severity'] = "AND bug.severity IN (" . implode(',', $bugsys->in['severity']) . ")"; } // priority if ($bugsys->in['priority']) { - $bugsys->input_clean('priority', TYPE_UINT); + $input->inputClean('priority', TYPE_UINT); $querybuild['priority'] = "AND bug.priority IN (" . implode(',', $bugsys->in['priority']) . ")"; } // status if ($bugsys->in['status']) { - $bugsys->input_clean('status', TYPE_UINT); + $input->inputClean('status', TYPE_UINT); $querybuild['status'] = "AND bug.status IN (" . implode(',', $bugsys->in['status']) . ")"; } // resolution if ($bugsys->in['resolution']) { - $bugsys->input_clean('resolution', TYPE_UINT); + $input->inputClean('resolution', TYPE_UINT); $querybuild['resolution'] = "AND bug.resolution IN (" . implode(',', $bugsys->in['resolution']) . ")"; } // assignment if ($bugsys->in['assignedto']) { - $bugsys->input_clean('assignedto', TYPE_UINT); + $input->inputClean('assignedto', TYPE_UINT); $querybuild['assignedto'] = "AND bug.assignedto IN (" . implode(',', $bugsys->in['assignedto']) . ")"; } @@ -288,13 +288,13 @@ if ($_REQUEST['do'] == 'process') if ($bugsys->in['date']) { // now - (seconds/day * number of days) - $dateline = time() - ($bugsys->input_clean('date', TYPE_INT) * 3600); + $dateline = time() - ($input->inputClean('date', TYPE_INT) * 3600); $querybuild['date'] = "AND bug.dateline >= $dateline"; } // ------------------------------------------------------------------- // favorites - $bugsys->input_clean('favorite', TYPE_INT); + $input->inputClean('favorite', TYPE_INT); if ($bugsys->in['favorite'] != 0 AND bugdar::$userinfo['userid']) { $favorites = $db->query("SELECT * FROM " . TABLE_PREFIX . "favorite WHERE userid = " . bugdar::$userinfo['userid']); @@ -339,7 +339,7 @@ if ($_REQUEST['do'] == 'process') { if (!empty($bugsys->in["custom$field[fieldid]"]) OR ($field['type'] == 'select_single' AND isset($bugsys->in["custom$field[fieldid]"]))) { - if ($field['type'] == 'input_checkbox' AND $bugsys->input_clean("custom$field[fieldid]", TYPE_INT) != 0) + if ($field['type'] == 'input_checkbox' AND $input->inputClean("custom$field[fieldid]", TYPE_INT) != 0) { $querybuild[] = "AND bug.custom$field[fieldid] = " . ($bugsys->in["custom$field[fieldid]"] > 0 ? 1 : 0); } @@ -440,7 +440,7 @@ if ($_REQUEST['do'] == 'process') if ($_REQUEST['do'] == 'update') { - $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); + $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); if (!$search OR !can_perform('caneditother')) { $message->errorPermission(); @@ -494,7 +494,7 @@ if ($_REQUEST['do'] == 'update') if ($_POST['do'] == 'doupdate') { - $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); + $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); if (!$search OR !can_perform('caneditother')) { $message->errorPermission(); @@ -577,7 +577,7 @@ if ($_REQUEST['do'] == 'export') } else if ($bugsys->in['searchid']) { - $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); + $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); } else { @@ -635,7 +635,7 @@ if ($_REQUEST['do'] == 'export') if ($_POST['do'] == 'dosave') { - $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); + $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); if (!$search) { $message->addError(T('The search does not exist.')); diff --git a/showhistory.php b/showhistory.php index a6e490a..4cf44aa 100644 --- a/showhistory.php +++ b/showhistory.php @@ -31,7 +31,7 @@ $focus['showreport'] = 'focus'; require_once('./global.php'); require_once('./includes/api_user.php'); -$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . $bugsys->input_clean('bugid', TYPE_UINT)); +$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . $input->inputClean('bugid', TYPE_UINT)); if (!$bug) { $message->error(L_INVALID_ID); diff --git a/showreport.php b/showreport.php index c46bd47..27e2c64 100644 --- a/showreport.php +++ b/showreport.php @@ -34,7 +34,7 @@ $focus['showreport'] = 'focus'; require_once('./global.php'); require_once('./includes/functions_product.php'); -$bugid = $bugsys->input_clean('bugid', TYPE_UINT); +$bugid = $input->inputClean('bugid', TYPE_UINT); // ################################################################### diff --git a/userctrl.php b/userctrl.php index 2cc6cc7..a7f01a1 100644 --- a/userctrl.php +++ b/userctrl.php @@ -57,7 +57,7 @@ if (empty($_REQUEST['do'])) if ($_POST['do'] == 'killsearch') { - $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); + $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); if (!$search) { $message->errorPermission(); @@ -72,7 +72,7 @@ if ($_POST['do'] == 'killsearch') if ($_REQUEST['do'] == 'deletesearch') { - $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); + $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']); if (!$search) { $message->errorPermission(); @@ -147,7 +147,7 @@ if ($_POST['do'] == 'update') $userapi->set('hidestatuses', $bugsys->in['hidestatuses']); $userapi->set('defaultsortkey', $bugsys->in['defaultsortkey']); $userapi->set('defaultsortas', $bugsys->in['defaultsortas']); - $userapi->set('columnoptions', $bugsys->input_clean('columnoptions', TYPE_UINT)); + $userapi->set('columnoptions', $input->inputClean('columnoptions', TYPE_UINT)); // ------------------------------------------------------------------- // copy fields @@ -177,7 +177,7 @@ if ($_POST['do'] == 'update') $userapi->update(); $db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . bugdar::$userinfo['userid']); - $bugsys->input_clean('emailopts', TYPE_INT); + $input->inputClean('emailopts', TYPE_INT); if (is_array($bugsys->in['emailopts'])) { foreach ($bugsys->in['emailopts'] AS $relation => $bitarr) diff --git a/viewattachment.php b/viewattachment.php index 4a1bb8d..4ce3fe5 100755 --- a/viewattachment.php +++ b/viewattachment.php @@ -27,7 +27,7 @@ $focus['showreport'] = 'focus'; require_once('./global.php'); -$attachment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . $bugsys->input_clean('attachmentid', TYPE_UINT)); +$attachment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . $input->inputClean('attachmentid', TYPE_UINT)); if (!$attachment) { $message->error(L_INVALID_ID); diff --git a/vote.php b/vote.php index 91384a8..d0e29a6 100644 --- a/vote.php +++ b/vote.php @@ -36,7 +36,7 @@ if (empty($_REQUEST['do'])) if ($_REQUEST['do'] == 'vote') { - $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . $bugsys->input_clean('bugid', TYPE_UINT)); + $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . $input->inputClean('bugid', TYPE_UINT)); $vote = $db->query_first("SELECT *, FIND_IN_SET(" . bugdar::$userinfo['userid'] . ", userids) AS uservote FROM " . TABLE_PREFIX . "vote WHERE bugid = $bug[bugid]"); if (!check_bug_permissions($bug)) @@ -73,7 +73,7 @@ if ($_REQUEST['do'] == 'vote') } } - $uservote = $bugsys->input_clean('vote', TYPE_INT); + $uservote = $input->inputClean('vote', TYPE_INT); $votefor = $vote['votefor']; $voteagainst = $vote['voteagainst']; -- 2.43.5