Diffstat (limited to 'includes/controller')
-rw-r--r--includes/controller/angeltypes_controller.php22
-rw-r--r--includes/controller/event_config_controller.php7
-rw-r--r--includes/controller/rooms_controller.php15
-rw-r--r--includes/controller/shift_entries_controller.php30
-rw-r--r--includes/controller/shifts_controller.php54
-rw-r--r--includes/controller/shifttypes_controller.php35
-rw-r--r--includes/controller/user_angeltypes_controller.php49
-rw-r--r--includes/controller/user_driver_licenses_controller.php24
-rw-r--r--includes/controller/users_controller.php72
9 files changed, 176 insertions, 132 deletions
diff --git a/includes/controller/angeltypes_controller.php b/includes/controller/angeltypes_controller.php
index daa754eb..346a4d73 100644
--- a/includes/controller/angeltypes_controller.php
+++ b/includes/controller/angeltypes_controller.php
@@ -81,7 +81,7 @@ function angeltype_delete_controller()
$angeltype = load_angeltype();
- if (isset($_REQUEST['confirmed'])) {
+ if (request()->has('confirmed')) {
AngelType_delete($angeltype);
success(sprintf(_('Angeltype %s deleted.'), AngelType_name_render($angeltype)));
redirect(page_link_to('angeltypes'));
@@ -104,8 +104,9 @@ function angeltype_edit_controller()
// In supporter mode only allow to modify description
$supporter_mode = !in_array('admin_angel_types', $privileges);
+ $request = request();
- if (isset($_REQUEST['angeltype_id'])) {
+ if ($request->has('angeltype_id')) {
// Edit existing angeltype
$angeltype = load_angeltype();
@@ -121,12 +122,12 @@ function angeltype_edit_controller()
$angeltype = AngelType_new();
}
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$valid = true;
if (!$supporter_mode) {
- if (isset($_REQUEST['name'])) {
- $result = AngelType_validate_name($_REQUEST['name'], $angeltype);
+ if ($request->has('name')) {
+ $result = AngelType_validate_name($request->get('name'), $angeltype);
$angeltype['name'] = $result->getValue();
if (!$result->isValid()) {
$valid = false;
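Review bot: `$request->get('name')` is the only read in this file that does not go through `input()`; `load_angeltype()` further down uses `$request->input('angeltype_id')`, and users_controller.php has the same mix in `user_delete_controller()` (`$request->get('user_id')`). If `get()` and `input()` consult different parameter sources (their implementation is not visible in this diff), a `has()` guard can pass while the read returns a different value. Using `$request->input('name')` here keeps the conversion uniform. `angeltype_edit_controller` starts and ends outside this hunk.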
@@ -134,10 +135,10 @@ function angeltype_edit_controller()
}
}
- $angeltype['restricted'] = isset($_REQUEST['restricted']);
- $angeltype['no_self_signup'] = isset($_REQUEST['no_self_signup']);
+ $angeltype['restricted'] = $request->has('restricted');
+ $angeltype['no_self_signup'] = $request->has('no_self_signup');
- $angeltype['requires_driver_license'] = isset($_REQUEST['requires_driver_license']);
+ $angeltype['requires_driver_license'] = $request->has('requires_driver_license');
}
$angeltype['description'] = strip_request_item_nl('description', $angeltype['description']);
@@ -262,11 +263,12 @@ function angeltypes_list_controller()
*/
function load_angeltype()
{
- if (!isset($_REQUEST['angeltype_id'])) {
+ $request = request();
+ if (!$request->has('angeltype_id')) {
redirect(page_link_to('angeltypes'));
}
- $angeltype = AngelType($_REQUEST['angeltype_id']);
+ $angeltype = AngelType($request->input('angeltype_id'));
if ($angeltype == null) {
error(_('Angeltype doesn\'t exist . '));
redirect(page_link_to('angeltypes'));
diff --git a/includes/controller/event_config_controller.php b/includes/controller/event_config_controller.php
index 06245c47..dcdcf54a 100644
--- a/includes/controller/event_config_controller.php
+++ b/includes/controller/event_config_controller.php
@@ -19,6 +19,7 @@ function event_config_edit_controller()
redirect('?');
}
+ $request = request();
$event_name = null;
$event_welcome_msg = null;
$buildup_start_date = null;
@@ -36,17 +37,17 @@ function event_config_edit_controller()
$event_welcome_msg = $event_config['event_welcome_msg'];
}
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$valid = true;
- if (isset($_REQUEST['event_name'])) {
+ if ($request->has('event_name')) {
$event_name = strip_request_item('event_name');
}
if ($event_name == '') {
$event_name = null;
}
- if (isset($_REQUEST['event_welcome_msg'])) {
+ if ($request->has('event_welcome_msg')) {
$event_welcome_msg = strip_request_item_nl('event_welcome_msg');
}
if ($event_welcome_msg == '') {
diff --git a/includes/controller/rooms_controller.php b/includes/controller/rooms_controller.php
index 3082a28d..2d6f1a77 100644
--- a/includes/controller/rooms_controller.php
+++ b/includes/controller/rooms_controller.php
@@ -19,6 +19,7 @@ function room_controller()
redirect(page_link_to());
}
+ $request = request();
$room = load_room(false);
if ($room['show'] != 'Y' && !in_array('admin_rooms', $privileges)) {
redirect(page_link_to());
@@ -42,8 +43,8 @@ function room_controller()
if (!empty($days)) {
$selected_day = $days[0];
}
- if (isset($_REQUEST['shifts_filter_day'])) {
- $selected_day = $_REQUEST['shifts_filter_day'];
+ if ($request->has('shifts_filter_day')) {
+ $selected_day = $request->input('shifts_filter_day');
}
$shiftsFilter->setStartTime(parse_date('Y-m-d H:i', $selected_day . ' 00:00'));
$shiftsFilter->setEndTime(parse_date('Y-m-d H:i', $selected_day . ' 23:59'));
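Review bot: `shifts_filter_day` is taken from the request and concatenated into `parse_date()` without being checked against `$days`, and the parse result goes straight into `setStartTime()`/`setEndTime()`. `shift_edit_controller` in this same commit treats a falsy `parse_date()` result as invalid input, so a malformed day here would hand that falsy value to the filter. Restricting the value to the known days, e.g. `if ($request->has('shifts_filter_day') && in_array($request->input('shifts_filter_day'), $days, true)) {`, keeps the default day whenever the parameter is not one of them. `room_controller` continues outside the hunk.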
@@ -66,11 +67,13 @@ function room_controller()
*/
function rooms_controller()
{
- if (!isset($_REQUEST['action'])) {
- $_REQUEST['action'] = 'list';
+ $request = request();
+ $action = $request->input('action');
+ if (!$request->has('action')) {
+ $action = 'list';
}
- switch ($_REQUEST['action']) {
+ switch ($action) {
case 'view':
return room_controller();
case 'list':
@@ -112,7 +115,7 @@ function load_room($onlyVisible = true)
redirect(page_link_to());
}
- $room = Room($_REQUEST['room_id'], $onlyVisible);
+ $room = Room(request()->input('room_id'), $onlyVisible);
if ($room == null) {
redirect(page_link_to());
}
diff --git a/includes/controller/shift_entries_controller.php b/includes/controller/shift_entries_controller.php
index cb2d9bee..38aad5bb 100644
--- a/includes/controller/shift_entries_controller.php
+++ b/includes/controller/shift_entries_controller.php
@@ -11,9 +11,10 @@ function shift_entry_add_controller()
{
global $privileges, $user;
+ $request = request();
$shift_id = 0;
- if (isset($_REQUEST['shift_id']) && preg_match('/^\d*$/', $_REQUEST['shift_id'])) {
- $shift_id = $_REQUEST['shift_id'];
+ if ($request->has('shift_id') && preg_match('/^\d*$/', $request->input('shift_id'))) {
+ $shift_id = $request->input('shift_id');
} else {
redirect(page_link_to('user_shifts'));
}
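Review bot: The pattern `/^\d*$/` in the new `shift_id` check accepts an empty string (and, without the `D` modifier, a value ending in a newline), so `shift_id=` passes the guard and is then used as the id. `/^\d+$/D` requires at least one digit and nothing after it; the same pattern is carried over in the `type_id` and `user_id` checks later in this function and in the `delete_shift` check in shifts_controller.php. The value is also read twice through `$request->input()`; reading it once into a local before validating keeps the checked value and the used value identical. `shift_entry_add_controller` continues outside this hunk.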
@@ -32,8 +33,8 @@ function shift_entry_add_controller()
}
$type_id = 0;
- if (isset($_REQUEST['type_id']) && preg_match('/^\d*$/', $_REQUEST['type_id'])) {
- $type_id = $_REQUEST['type_id'];
+ if ($request->has('type_id') && preg_match('/^\d*$/', $request->input('type_id'))) {
+ $type_id = $request->input('type_id');
} else {
redirect(page_link_to('user_shifts'));
}
@@ -63,14 +64,14 @@ function shift_entry_add_controller()
}
if (
- isset($_REQUEST['user_id'])
- && preg_match('/^\d*$/', $_REQUEST['user_id'])
+ $request->has('user_id')
+ && preg_match('/^\d*$/', $request->input('user_id'))
&& (
in_array('user_shifts_admin', $privileges)
|| in_array('shiftentry_edit_angeltype_supporter', $privileges)
)
) {
- $user_id = $_REQUEST['user_id'];
+ $user_id = $request->input('user_id');
} else {
$user_id = $user['UID'];
}
@@ -92,7 +93,7 @@ function shift_entry_add_controller()
redirect(shift_link($shift));
}
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$selected_type_id = $type_id;
if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter',
$privileges)
@@ -103,14 +104,14 @@ function shift_entry_add_controller()
}
if (
- isset($_REQUEST['angeltype_id'])
+ $request->has('angeltype_id')
&& test_request_int('angeltype_id')
&& count(DB::select(
'SELECT `id` FROM `AngelTypes` WHERE `id`=? LIMIT 1',
- [$_REQUEST['angeltype_id']]
+ [$request->input('angeltype_id')]
)) > 0
) {
- $selected_type_id = $_REQUEST['angeltype_id'];
+ $selected_type_id = $request->input('angeltype_id');
}
}
@@ -124,7 +125,7 @@ function shift_entry_add_controller()
$freeloaded = isset($shift['freeloaded']) ? $shift['freeloaded'] : false;
$freeload_comment = isset($shift['freeload_comment']) ? $shift['freeload_comment'] : '';
if (in_array('user_shifts_admin', $privileges)) {
- $freeloaded = isset($_REQUEST['freeloaded']);
+ $freeloaded = $request->has('freeloaded');
$freeload_comment = strip_request_item_nl('freeload_comment');
}
@@ -236,11 +237,12 @@ function shift_entry_add_controller()
function shift_entry_delete_controller()
{
global $privileges, $user;
+ $request = request();
- if (!isset($_REQUEST['entry_id']) || !test_request_int('entry_id')) {
+ if (!$request->has('entry_id') || !test_request_int('entry_id')) {
redirect(page_link_to('user_shifts'));
}
- $entry_id = $_REQUEST['entry_id'];
+ $entry_id = $request->input('entry_id');
$shift_entry_source = DB::select('
SELECT
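Review bot: `test_request_int('entry_id')` validates the parameter by name, while the value that is actually used comes from `$request->input('entry_id')`. The helper is not part of this diff; if it still reads `$_REQUEST`, the checked value and the used value come from two sources that can differ. Validating the value that was read — `$entry_id = $request->input('entry_id');` followed by a check on `$entry_id` — removes that dependency. The same pairing appears in `shift_edit_controller`, `shift_entry_add_controller` and `user_edit_vouchers_controller`. The query that begins on the last lines of the hunk continues outside it.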
diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php
index c8b6932a..21c6e160 100644
--- a/includes/controller/shifts_controller.php
+++ b/includes/controller/shifts_controller.php
@@ -44,15 +44,16 @@ function shift_edit_controller()
// Schicht bearbeiten
$msg = '';
$valid = true;
+ $request = request();
if (!in_array('admin_shifts', $privileges)) {
redirect(page_link_to('user_shifts'));
}
- if (!isset($_REQUEST['edit_shift']) || !test_request_int('edit_shift')) {
+ if (!$request->has('edit_shift') || !test_request_int('edit_shift')) {
redirect(page_link_to('user_shifts'));
}
- $shift_id = $_REQUEST['edit_shift'];
+ $shift_id = $request->input('edit_shift');
$shift = Shift($shift_id);
@@ -73,33 +74,37 @@ function shift_edit_controller()
$start = $shift['start'];
$end = $shift['end'];
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
// Name/Bezeichnung der Schicht, darf leer sein
$title = strip_request_item('title');
// Auswahl der sichtbaren Locations für die Schichten
- if (isset($_REQUEST['rid']) && preg_match('/^\d+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
- $rid = $_REQUEST['rid'];
+ if (
+ $request->has('rid')
+ && preg_match('/^\d+$/', $request->input('rid'))
+ && isset($room[$request->input('rid')])
+ ) {
+ $rid = $request->input('rid');
} else {
$valid = false;
$msg .= error(_('Please select a room.'), true);
}
- if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
- $shifttype_id = $_REQUEST['shifttype_id'];
+ if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) {
+ $shifttype_id = $request->input('shifttype_id');
} else {
$valid = false;
$msg .= error(_('Please select a shifttype.'), true);
}
- if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) {
+ if ($request->has('start') && $tmp = parse_date('Y-m-d H:i', $request->input('start'))) {
$start = $tmp;
} else {
$valid = false;
$msg .= error(_('Please enter a valid starting time for the shifts.'), true);
}
- if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) {
+ if ($request->has('end') && $tmp = parse_date('Y-m-d H:i', $request->input('end'))) {
$end = $tmp;
} else {
$valid = false;
@@ -112,8 +117,8 @@ function shift_edit_controller()
}
foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) {
- if (isset($_REQUEST['type_' . $needed_angeltype_id]) && test_request_int('type_' . $needed_angeltype_id)) {
- $needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . $needed_angeltype_id]);
+ if ($request->has('type_' . $needed_angeltype_id) && test_request_int('type_' . $needed_angeltype_id)) {
+ $needed_angel_types[$needed_angeltype_id] = trim($request->input('type_' . $needed_angeltype_id));
} else {
$valid = false;
$msg .= error(sprintf(
@@ -186,16 +191,17 @@ function shift_edit_controller()
function shift_delete_controller()
{
global $privileges;
+ $request = request();
if (!in_array('user_shifts_admin', $privileges)) {
redirect(page_link_to('user_shifts'));
}
// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
- if (!isset($_REQUEST['delete_shift']) || !preg_match('/^\d*$/', $_REQUEST['delete_shift'])) {
+ if (!$request->has('delete_shift') || !preg_match('/^\d*$/', $request->input('delete_shift'))) {
redirect(page_link_to('user_shifts'));
}
- $shift_id = $_REQUEST['delete_shift'];
+ $shift_id = $request->input('delete_shift');
$shift = Shift($shift_id);
if ($shift == null) {
@@ -203,7 +209,7 @@ function shift_delete_controller()
}
// Schicht löschen bestätigt
- if (isset($_REQUEST['delete'])) {
+ if ($request->has('delete')) {
Shift_delete($shift_id);
engelsystem_log(
@@ -232,16 +238,17 @@ function shift_delete_controller()
function shift_controller()
{
global $user, $privileges;
+ $request = request();
if (!in_array('user_shifts', $privileges)) {
redirect(page_link_to('?'));
}
- if (!isset($_REQUEST['shift_id'])) {
+ if (!$request->has('shift_id')) {
redirect(page_link_to('user_shifts'));
}
- $shift = Shift($_REQUEST['shift_id']);
+ $shift = Shift($request->input('shift_id'));
if ($shift == null) {
error(_('Shift could not be found.'));
redirect(page_link_to('user_shifts'));
@@ -285,11 +292,12 @@ function shift_controller()
*/
function shifts_controller()
{
- if (!isset($_REQUEST['action'])) {
+ $request = request();
+ if (!$request->has('action')) {
redirect(page_link_to('user_shifts'));
}
- switch ($_REQUEST['action']) {
+ switch ($request->input('action')) {
case 'view':
return shift_controller();
case 'next':
@@ -330,16 +338,17 @@ function shift_next_controller()
function shifts_json_export_all_controller()
{
$api_key = config('api_key');
+ $request = request();
if (empty($api_key)) {
engelsystem_error('Config contains empty apikey.');
}
- if (!isset($_REQUEST['api_key'])) {
+ if (!$request->has('api_key')) {
engelsystem_error('Missing parameter api_key.');
}
- if ($_REQUEST['api_key'] != $api_key) {
+ if ($request->input('api_key') != $api_key) {
engelsystem_error('Invalid api_key.');
}
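Review bot: The key check `$request->input('api_key') != $api_key` compares a secret with a loose, non-constant-time operator. `!=` applies PHP's numeric-string juggling, so two different numeric-looking strings can compare equal, and the comparison time depends on how much of the key matches. Since the line is being rewritten anyway, prefer `$given = $request->input('api_key');` followed by `if (!is_string($given) || !hash_equals($api_key, $given)) {`. The `is_string()` guard matters if `input()` can return an array for `api_key[]=…`, which is not visible here. The function body continues outside the hunk.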
@@ -359,12 +368,13 @@ function shifts_json_export_all_controller()
function shifts_json_export_controller()
{
global $user;
+ $request = request();
- if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
+ if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) {
engelsystem_error('Missing key.');
}
- $key = $_REQUEST['key'];
+ $key = $request->input('key');
$user = User_by_api_key($key);
if ($user == null) {
diff --git a/includes/controller/shifttypes_controller.php b/includes/controller/shifttypes_controller.php
index 9a470e29..acdeb982 100644
--- a/includes/controller/shifttypes_controller.php
+++ b/includes/controller/shifttypes_controller.php
@@ -16,17 +16,18 @@ function shifttype_link($shifttype)
*/
function shifttype_delete_controller()
{
- if (!isset($_REQUEST['shifttype_id'])) {
+ $request = request();
+ if (!$request->has('shifttype_id')) {
redirect(page_link_to('shifttypes'));
}
- $shifttype = ShiftType($_REQUEST['shifttype_id']);
+ $shifttype = ShiftType($request->input('shifttype_id'));
if ($shifttype == null) {
redirect(page_link_to('shifttypes'));
}
- if (isset($_REQUEST['confirmed'])) {
+ if ($request->has('confirmed')) {
$result = ShiftType_delete($shifttype['id']);
if (empty($result)) {
engelsystem_error('Unable to delete shifttype.');
@@ -56,9 +57,10 @@ function shifttype_edit_controller()
$description = '';
$angeltypes = AngelTypes();
+ $request = request();
- if (isset($_REQUEST['shifttype_id'])) {
- $shifttype = ShiftType($_REQUEST['shifttype_id']);
+ if ($request->has('shifttype_id')) {
+ $shifttype = ShiftType($request->input('shifttype_id'));
if ($shifttype == null) {
error(_('Shifttype not found.'));
redirect(page_link_to('shifttypes'));
@@ -69,23 +71,23 @@ function shifttype_edit_controller()
$description = $shifttype['description'];
}
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$valid = true;
- if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
+ if ($request->has('name') && $request->input('name') != '') {
$name = strip_request_item('name');
} else {
$valid = false;
error(_('Please enter a name.'));
}
- if (isset($_REQUEST['angeltype_id']) && preg_match('/^\d+$/', $_REQUEST['angeltype_id'])) {
- $angeltype_id = $_REQUEST['angeltype_id'];
+ if ($request->has('angeltype_id') && preg_match('/^\d+$/', $request->input('angeltype_id'))) {
+ $angeltype_id = $request->input('angeltype_id');
} else {
$angeltype_id = null;
}
- if (isset($_REQUEST['description'])) {
+ if ($request->has('description')) {
$description = strip_request_item_nl('description');
}
@@ -120,10 +122,11 @@ function shifttype_edit_controller()
*/
function shifttype_controller()
{
- if (!isset($_REQUEST['shifttype_id'])) {
+ $request = request();
+ if (!$request->has('shifttype_id')) {
redirect(page_link_to('shifttypes'));
}
- $shifttype = ShiftType($_REQUEST['shifttype_id']);
+ $shifttype = ShiftType($request->input('shifttype_id'));
if ($shifttype == null) {
redirect(page_link_to('shifttypes'));
}
@@ -174,11 +177,13 @@ function shifttypes_title()
*/
function shifttypes_controller()
{
- if (!isset($_REQUEST['action'])) {
- $_REQUEST['action'] = 'list';
+ $request = request();
+ $action = 'list';
+ if ($request->has('action')) {
+ $action = $request->input('action');
}
- switch ($_REQUEST['action']) {
+ switch ($action) {
case 'view':
return shifttype_controller();
case 'edit':
diff --git a/includes/controller/user_angeltypes_controller.php b/includes/controller/user_angeltypes_controller.php
index f31aeecd..41185552 100644
--- a/includes/controller/user_angeltypes_controller.php
+++ b/includes/controller/user_angeltypes_controller.php
@@ -38,13 +38,14 @@ function user_angeltypes_unconfirmed_hint()
function user_angeltypes_delete_all_controller()
{
global $user;
+ $request = request();
- if (!isset($_REQUEST['angeltype_id'])) {
+ if (!$request->has('angeltype_id')) {
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
- $angeltype = AngelType($_REQUEST['angeltype_id']);
+ $angeltype = AngelType($request->input('angeltype_id'));
if ($angeltype == null) {
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
@@ -55,7 +56,7 @@ function user_angeltypes_delete_all_controller()
redirect(page_link_to('angeltypes'));
}
- if (isset($_REQUEST['confirmed'])) {
+ if ($request->has('confirmed')) {
UserAngelTypes_delete_all($angeltype['id']);
engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype)));
@@ -77,13 +78,14 @@ function user_angeltypes_delete_all_controller()
function user_angeltypes_confirm_all_controller()
{
global $user, $privileges;
+ $request = request();
- if (!isset($_REQUEST['angeltype_id'])) {
+ if (!$request->has('angeltype_id')) {
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
- $angeltype = AngelType($_REQUEST['angeltype_id']);
+ $angeltype = AngelType($request->input('angeltype_id'));
if ($angeltype == null) {
error(_('Angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
@@ -100,7 +102,7 @@ function user_angeltypes_confirm_all_controller()
redirect(page_link_to('angeltypes'));
}
- if (isset($_REQUEST['confirmed'])) {
+ if ($request->has('confirmed')) {
UserAngelTypes_confirm_all($angeltype['id'], $user);
engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype)));
@@ -122,13 +124,14 @@ function user_angeltypes_confirm_all_controller()
function user_angeltype_confirm_controller()
{
global $user;
+ $request = request();
- if (!isset($_REQUEST['user_angeltype_id'])) {
+ if (!$request->has('user_angeltype_id')) {
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
- $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
+ $user_angeltype = UserAngelType($request->input('user_angeltype_id'));
if ($user_angeltype == null) {
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
@@ -151,7 +154,7 @@ function user_angeltype_confirm_controller()
redirect(page_link_to('angeltypes'));
}
- if (isset($_REQUEST['confirmed'])) {
+ if ($request->has('confirmed')) {
UserAngelType_confirm($user_angeltype['id'], $user);
engelsystem_log(sprintf(
@@ -181,13 +184,14 @@ function user_angeltype_confirm_controller()
function user_angeltype_delete_controller()
{
global $user;
+ $request = request();
- if (!isset($_REQUEST['user_angeltype_id'])) {
+ if (!$request->has('user_angeltype_id')) {
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
- $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
+ $user_angeltype = UserAngelType($request->input('user_angeltype_id'));
if ($user_angeltype == null) {
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
@@ -210,7 +214,7 @@ function user_angeltype_delete_controller()
redirect(page_link_to('angeltypes'));
}
- if (isset($_REQUEST['confirmed'])) {
+ if ($request->has('confirmed')) {
$result = UserAngelType_delete($user_angeltype);
if ($result === false) {
engelsystem_error('Unable to delete user angeltype.');
@@ -238,25 +242,26 @@ function user_angeltype_update_controller()
{
global $privileges;
$supporter = false;
+ $request = request();
if (!in_array('admin_angel_types', $privileges)) {
error(_('You are not allowed to set supporter rights.'));
redirect(page_link_to('angeltypes'));
}
- if (!isset($_REQUEST['user_angeltype_id'])) {
+ if (!$request->has('user_angeltype_id')) {
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
}
- if (isset($_REQUEST['supporter']) && preg_match('/^[01]$/', $_REQUEST['supporter'])) {
- $supporter = $_REQUEST['supporter'] == '1';
+ if ($request->has('supporter') && preg_match('/^[01]$/', $request->input('supporter'))) {
+ $supporter = $request->input('supporter') == '1';
} else {
error(_('No supporter update given.'));
redirect(page_link_to('angeltypes'));
}
- $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']);
+ $user_angeltype = UserAngelType($request->input('user_angeltype_id'));
if ($user_angeltype == null) {
error(_('User angeltype doesn\'t exist.'));
redirect(page_link_to('angeltypes'));
@@ -274,7 +279,7 @@ function user_angeltype_update_controller()
redirect(page_link_to('angeltypes'));
}
- if (isset($_REQUEST['confirmed'])) {
+ if ($request->has('confirmed')) {
UserAngelType_update($user_angeltype['id'], $supporter);
$success_message = sprintf(
@@ -300,7 +305,6 @@ function user_angeltype_update_controller()
function user_angeltype_add_controller()
{
global $user;
-
$angeltype = load_angeltype();
// User is joining by itself
@@ -316,7 +320,7 @@ function user_angeltype_add_controller()
// Load possible users, that are not in the angeltype already
$users_source = Users_by_angeltype_inverted($angeltype);
- if (isset($_REQUEST['submit'])) {
+ if (request()->has('submit')) {
$user_source = load_user();
if (!UserAngelType_exists($user_source, $angeltype)) {
@@ -366,7 +370,7 @@ function user_angeltype_join_controller($angeltype)
redirect(page_link_to('angeltypes'));
}
- if (isset($_REQUEST['confirmed'])) {
+ if (request()->has('confirmed')) {
$user_angeltype_id = UserAngelType_create($user, $angeltype);
$success_message = sprintf(_('You joined %s.'), $angeltype['name']);
@@ -398,11 +402,12 @@ function user_angeltype_join_controller($angeltype)
*/
function user_angeltypes_controller()
{
- if (!isset($_REQUEST['action'])) {
+ $request = request();
+ if (!$request->has('action')) {
redirect(page_link_to('angeltypes'));
}
- switch ($_REQUEST['action']) {
+ switch ($request->input('action')) {
case 'delete_all':
return user_angeltypes_delete_all_controller();
case 'confirm_all':
diff --git a/includes/controller/user_driver_licenses_controller.php b/includes/controller/user_driver_licenses_controller.php
index 3098c8ce..fef278dd 100644
--- a/includes/controller/user_driver_licenses_controller.php
+++ b/includes/controller/user_driver_licenses_controller.php
@@ -74,11 +74,11 @@ function user_driver_license_edit_link($user = null)
function user_driver_license_load_user()
{
global $user;
-
+ $request = request();
$user_source = $user;
- if (isset($_REQUEST['user_id'])) {
- $user_source = User($_REQUEST['user_id']);
+ if ($request->has('user_id')) {
+ $user_source = User($request->input('user_id'));
if ($user_source == null) {
redirect(user_driver_license_edit_link());
}
@@ -95,7 +95,7 @@ function user_driver_license_load_user()
function user_driver_license_edit_controller()
{
global $privileges, $user;
-
+ $request = request();
$user_source = user_driver_license_load_user();
// only privilege admin_user can edit other users driver license information
@@ -111,15 +111,15 @@ function user_driver_license_edit_controller()
$wants_to_drive = true;
}
- if (isset($_REQUEST['submit'])) {
- $wants_to_drive = isset($_REQUEST['wants_to_drive']);
+ if ($request->has('submit')) {
+ $wants_to_drive = $request->has('wants_to_drive');
if ($wants_to_drive) {
- $user_driver_license['has_car'] = isset($_REQUEST['has_car']);
- $user_driver_license['has_license_car'] = isset($_REQUEST['has_license_car']);
- $user_driver_license['has_license_3_5t_transporter'] = isset($_REQUEST['has_license_3_5t_transporter']);
- $user_driver_license['has_license_7_5t_truck'] = isset($_REQUEST['has_license_7_5t_truck']);
- $user_driver_license['has_license_12_5t_truck'] = isset($_REQUEST['has_license_12_5t_truck']);
- $user_driver_license['has_license_forklift'] = isset($_REQUEST['has_license_forklift']);
+ $user_driver_license['has_car'] = $request->has('has_car');
+ $user_driver_license['has_license_car'] = $request->has('has_license_car');
+ $user_driver_license['has_license_3_5t_transporter'] = $request->has('has_license_3_5t_transporter');
+ $user_driver_license['has_license_7_5t_truck'] = $request->has('has_license_7_5t_truck');
+ $user_driver_license['has_license_12_5t_truck'] = $request->has('has_license_12_5t_truck');
+ $user_driver_license['has_license_forklift'] = $request->has('has_license_forklift');
if (UserDriverLicense_valid($user_driver_license)) {
if ($user_driver_license['user_id'] == null) {
diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php
index 84b6bbda..96e2c81b 100644
--- a/includes/controller/users_controller.php
+++ b/includes/controller/users_controller.php
@@ -12,16 +12,18 @@ use Engelsystem\ShiftsFilter;
function users_controller()
{
global $user;
+ $request = request();
if (!isset($user)) {
redirect(page_link_to(''));
}
- if (!isset($_REQUEST['action'])) {
- $_REQUEST['action'] = 'list';
+ $action = 'list';
+ if ($request->has('action')) {
+ $action = $request->input('action');
}
- switch ($_REQUEST['action']) {
+ switch ($action) {
case 'view':
return user_controller();
case 'delete':
@@ -42,9 +44,10 @@ function users_controller()
function user_delete_controller()
{
global $privileges, $user;
+ $request = request();
- if (isset($_REQUEST['user_id'])) {
- $user_source = User($_REQUEST['user_id']);
+ if ($request->has('user_id')) {
+ $user_source = User($request->get('user_id'));
} else {
$user_source = $user;
}
@@ -59,11 +62,14 @@ function user_delete_controller()
redirect(user_link($user));
}
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$valid = true;
- if (!(isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'],
- $user['UID']))
+ if (
+ !(
+ $request->has('password')
+ && verify_password($request->input('password'), $user['Passwort'], $user['UID'])
+ )
) {
$valid = false;
error(_('Your password is incorrect. Please try it again.'));
@@ -130,9 +136,10 @@ function user_link($user)
function user_edit_vouchers_controller()
{
global $privileges, $user;
+ $request = request();
- if (isset($_REQUEST['user_id'])) {
- $user_source = User($_REQUEST['user_id']);
+ if ($request->has('user_id')) {
+ $user_source = User($request->input('user_id'));
} else {
$user_source = $user;
}
@@ -141,12 +148,16 @@ function user_edit_vouchers_controller()
redirect(page_link_to(''));
}
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$valid = true;
$vouchers = '';
- if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) {
- $vouchers = trim($_REQUEST['vouchers']);
+ if (
+ $request->has('vouchers')
+ && test_request_int('vouchers')
+ && trim($request->input('vouchers')) >= 0
+ ) {
+ $vouchers = trim($request->input('vouchers'));
} else {
$valid = false;
error(_('Please enter a valid number of vouchers.'));
@@ -180,10 +191,11 @@ function user_edit_vouchers_controller()
function user_controller()
{
global $privileges, $user;
+ $request = request();
$user_source = $user;
- if (isset($_REQUEST['user_id'])) {
- $user_source = User($_REQUEST['user_id']);
+ if ($request->has('user_id')) {
+ $user_source = User($request->input('user_id'));
if ($user_source == null) {
error(_('User not found.'));
redirect('?');
@@ -241,14 +253,15 @@ function user_controller()
function users_list_controller()
{
global $privileges;
+ $request = request();
if (!in_array('admin_user', $privileges)) {
redirect(page_link_to(''));
}
$order_by = 'Nick';
- if (isset($_REQUEST['OrderBy']) && in_array($_REQUEST['OrderBy'], User_sortable_columns())) {
- $order_by = $_REQUEST['OrderBy'];
+ if ($request->has('OrderBy') && in_array($request->input('OrderBy'), User_sortable_columns())) {
+ $order_by = $request->input('OrderBy');
}
$users = Users($order_by);
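Review bot: The `OrderBy` allowlist check uses `in_array()` without the strict flag, so membership is decided by loose comparison. `$order_by` is handed to `Users()` and presumably ends up as a sort column, so the match should be exact: `in_array($request->input('OrderBy'), User_sortable_columns(), true)`. Reading the value once into a local and using it for both the check and the assignment would also avoid the second `input()` call. The function continues outside the hunk.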
@@ -282,20 +295,21 @@ function users_list_controller()
*/
function user_password_recovery_set_new_controller()
{
- $user_source = User_by_password_recovery_token($_REQUEST['token']);
+ $request = request();
+ $user_source = User_by_password_recovery_token($request->input('token'));
if ($user_source == null) {
error(_('Token is not correct.'));
redirect(page_link_to('login'));
}
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$valid = true;
if (
- isset($_REQUEST['password'])
- && strlen($_REQUEST['password']) >= config('min_password_length')
+ $request->has('password')
+ && strlen($request->post('password')) >= config('min_password_length')
) {
- if ($_REQUEST['password'] != $_REQUEST['password2']) {
+ if ($request->post('password') != $request->post('password2')) {
$valid = false;
error(_('Your passwords don\'t match.'));
}
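Review bot: The guard and the read use different accessors here: `$request->has('password')` decides whether a password was sent, but the value is taken with `$request->post('password')`. If `has()` also sees query-string parameters (its implementation is not visible in this diff), a request carrying `password` only in the URL passes the guard while `post()` yields no value for `strlen()`. The confirmation check `$request->post('password') != $request->post('password2')` is a loose comparison, so two different numeric-looking strings can be treated as equal; `!==` avoids that. The rest of the function, including the `set_password()` call, is in the next hunk.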
@@ -305,7 +319,7 @@ function user_password_recovery_set_new_controller()
}
if ($valid) {
- set_password($user_source['UID'], $_REQUEST['password']);
+ set_password($user_source['UID'], $request->post('password'));
success(_('Password saved.'));
redirect(page_link_to('login'));
}
@@ -321,10 +335,11 @@ function user_password_recovery_set_new_controller()
*/
function user_password_recovery_start_controller()
{
- if (isset($_REQUEST['submit'])) {
+ $request = request();
+ if ($request->has('submit')) {
$valid = true;
- if (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) {
+ if ($request->has('email') && strlen(strip_request_item('email')) > 0) {
$email = strip_request_item('email');
if (check_email($email)) {
$user_source = User_by_email($email);
@@ -367,7 +382,7 @@ function user_password_recovery_start_controller()
*/
function user_password_recovery_controller()
{
- if (isset($_REQUEST['token'])) {
+ if (request()->has('token')) {
return user_password_recovery_set_new_controller();
}
@@ -391,11 +406,12 @@ function user_password_recovery_title()
*/
function load_user()
{
- if (!isset($_REQUEST['user_id'])) {
+ $request = request();
+ if (!$request->has('user_id')) {
redirect(page_link_to());
}
- $user = User($_REQUEST['user_id']);
+ $user = User($request->input('user_id'));
if ($user == null) {
error(_('User doesn\'t exist.'));