Changed $_GET, $_POST and $_REQUEST to use the Request object

author: Igor Scheller <igor.scheller@igorshp.de> 2017-07-18 21:38:53 +0200
committer: Igor Scheller <igor.scheller@igorshp.de> 2017-07-19 11:44:16 +0200
commit: 3a1e4602492cec1c8f3d2aabab2c866022f43bf1 (patch)
tree: c367c1ce15f957a1e9a0879b875e8d635883280e /includes/pages/user_messages.php
parent: 04217834fa4e6f94fec0836a80ea5526b8ebc9bc (diff)
1 files changed, 9 insertions, 7 deletions
diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php
index dd22cd66..a811970d 100644
--- a/includes/pages/user_messages.php
+++ b/includes/pages/user_messages.php
@@ -35,8 +35,9 @@ function user_unread_messages()
 function user_messages()
 {
     global $user;
+    $request = request();
 
-    if (!isset($_REQUEST['action'])) {
+    if (!$request->has('action')) {
         $users = DB::select(
             'SELECT `UID`, `Nick` FROM `User` WHERE NOT `UID`=? ORDER BY `Nick`',
             [$user['UID']]
@@ -121,10 +122,10 @@ function user_messages()
             ], page_link_to('user_messages') . '&action=send')
         ]);
     } else {
-        switch ($_REQUEST['action']) {
+        switch ($request->input('action')) {
             case 'read':
-                if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
-                    $message_id = $_REQUEST['id'];
+                if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
+                    $message_id = $request->input('id');
                 } else {
                     return error(_('Incomplete call, missing Message ID.'), true);
                 }
@@ -145,8 +146,8 @@ function user_messages()
                 break;
 
             case 'delete':
-                if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
-                    $message_id = $_REQUEST['id'];
+                if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
+                    $message_id = $request->input('id');
                 } else {
                     return error(_('Incomplete call, missing Message ID.'), true);
                 }
@@ -164,7 +165,8 @@ function user_messages()
                 break;
 
             case 'send':
-                if (Message_send($_REQUEST['to'], $_REQUEST['text'])) {
+                // @TODO: Validation?
+                if (Message_send($request->input('to'), $request->input('text'))) {
                     redirect(page_link_to('user_messages'));
                 } else {
                     return error(_('Transmitting was terminated with an Error.'), true);
author	Igor Scheller <igor.scheller@igorshp.de>	2017-07-18 21:38:53 +0200
committer	Igor Scheller <igor.scheller@igorshp.de>	2017-07-19 11:44:16 +0200
commit	3a1e4602492cec1c8f3d2aabab2c866022f43bf1 (patch)
tree	c367c1ce15f957a1e9a0879b875e8d635883280e /includes/pages/user_messages.php
parent	04217834fa4e6f94fec0836a80ea5526b8ebc9bc (diff)