Diffstat (limited to 'includes/pages')
-rw-r--r--includes/pages/admin_active.php27
-rw-r--r--includes/pages/admin_arrive.php12
-rw-r--r--includes/pages/admin_free.php16
-rw-r--r--includes/pages/admin_groups.php21
-rw-r--r--includes/pages/admin_import.php48
-rw-r--r--includes/pages/admin_log.php2
-rw-r--r--includes/pages/admin_news.php17
-rw-r--r--includes/pages/admin_questions.php15
-rw-r--r--includes/pages/admin_rooms.php36
-rw-r--r--includes/pages/admin_shifts.php69
-rw-r--r--includes/pages/admin_user.php58
-rw-r--r--includes/pages/guest_login.php63
-rw-r--r--includes/pages/guest_stats.php5
-rw-r--r--includes/pages/user_atom.php9
-rw-r--r--includes/pages/user_ical.php5
-rw-r--r--includes/pages/user_messages.php16
-rw-r--r--includes/pages/user_myshifts.php25
-rw-r--r--includes/pages/user_news.php47
-rw-r--r--includes/pages/user_questions.php9
-rw-r--r--includes/pages/user_settings.php55
-rw-r--r--includes/pages/user_shifts.php9
21 files changed, 297 insertions, 267 deletions
diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php
index d21afabe..2e06f90d 100644
--- a/includes/pages/admin_active.php
+++ b/includes/pages/admin_active.php
@@ -17,6 +17,7 @@ function admin_active()
{
$tshirt_sizes = config('tshirt_sizes');
$shift_sum_formula = config('shift_sum_formula');
+ $request = request();
$msg = '';
$search = '';
@@ -25,16 +26,16 @@ function admin_active()
$limit = '';
$set_active = '';
- if (isset($_REQUEST['search'])) {
+ if ($request->has('search')) {
$search = strip_request_item('search');
}
- $show_all_shifts = isset($_REQUEST['show_all_shifts']);
+ $show_all_shifts = $request->has('show_all_shifts');
- if (isset($_REQUEST['set_active'])) {
+ if ($request->has('set_active')) {
$valid = true;
- if (isset($_REQUEST['count']) && preg_match('/^\d+$/', $_REQUEST['count'])) {
+ if ($request->has('count') && preg_match('/^\d+$/', $request->input('count'))) {
$count = strip_request_item('count');
if ($count < $forced_count) {
error(sprintf(
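Review bot: The `count` branch validates `$request->input('count')` with the regex but then assigns `$count` from `strip_request_item('count')`, so the value concatenated into `' LIMIT ' . $count` in the next hunk is not the exact value that was checked. `strip_request_item()` is not visible here, so this may be harmless, but reading once and casting closes the gap: `$count = (int) $request->input('count');`. Note also that `$` in `/^\d+$/` tolerates a trailing newline; `\z` or the `D` modifier is stricter. admin_rooms.php has the same split, where `test_request_int('id')` guards a value that is then read through `$request->input('id')`. The body of admin_active() continues outside this hunk.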
@@ -51,7 +52,7 @@ function admin_active()
if ($valid) {
$limit = ' LIMIT ' . $count;
}
- if (isset($_REQUEST['ack'])) {
+ if ($request->has('ack')) {
DB::update('UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0');
$users = DB::select(sprintf('
SELECT
@@ -89,8 +90,8 @@ function admin_active()
}
}
- if (isset($_REQUEST['active']) && preg_match('/^\d+$/', $_REQUEST['active'])) {
- $user_id = $_REQUEST['active'];
+ if ($request->has('active') && preg_match('/^\d+$/', $request->input('active'))) {
+ $user_id = $request->input('active');
$user_source = User($user_id);
if ($user_source != null) {
DB::update('UPDATE `User` SET `Aktiv`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
@@ -99,8 +100,8 @@ function admin_active()
} else {
$msg = error(_('Angel not found.'), true);
}
- } elseif (isset($_REQUEST['not_active']) && preg_match('/^\d+$/', $_REQUEST['not_active'])) {
- $user_id = $_REQUEST['not_active'];
+ } elseif ($request->has('not_active') && preg_match('/^\d+$/', $request->input('not_active'))) {
+ $user_id = $request->input('not_active');
$user_source = User($user_id);
if ($user_source != null) {
DB::update('UPDATE `User` SET `Aktiv`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
@@ -109,8 +110,8 @@ function admin_active()
} else {
$msg = error(_('Angel not found.'), true);
}
- } elseif (isset($_REQUEST['tshirt']) && preg_match('/^\d+$/', $_REQUEST['tshirt'])) {
- $user_id = $_REQUEST['tshirt'];
+ } elseif ($request->has('tshirt') && preg_match('/^\d+$/', $request->input('tshirt'))) {
+ $user_id = $request->input('tshirt');
$user_source = User($user_id);
if ($user_source != null) {
DB::update('UPDATE `User` SET `Tshirt`=1 WHERE `UID`=? LIMIT 1', [$user_id]);
@@ -119,8 +120,8 @@ function admin_active()
} else {
$msg = error('Angel not found.', true);
}
- } elseif (isset($_REQUEST['not_tshirt']) && preg_match('/^\d+$/', $_REQUEST['not_tshirt'])) {
- $user_id = $_REQUEST['not_tshirt'];
+ } elseif ($request->has('not_tshirt') && preg_match('/^\d+$/', $request->input('not_tshirt'))) {
+ $user_id = $request->input('not_tshirt');
$user_source = User($user_id);
if ($user_source != null) {
DB::update('UPDATE `User` SET `Tshirt`=0 WHERE `UID`=? LIMIT 1', [$user_id]);
diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php
index 77155dae..ebeccb8c 100644
--- a/includes/pages/admin_arrive.php
+++ b/includes/pages/admin_arrive.php
@@ -17,12 +17,14 @@ function admin_arrive()
{
$msg = '';
$search = '';
- if (isset($_REQUEST['search'])) {
+ $request = request();
+
+ if ($request->has('search')) {
$search = strip_request_item('search');
}
- if (isset($_REQUEST['reset']) && preg_match('/^\d*$/', $_REQUEST['reset'])) {
- $user_id = $_REQUEST['reset'];
+ if ($request->has('reset') && preg_match('/^\d*$/', $request->input('reset'))) {
+ $user_id = $request->input('reset');
$user_source = User($user_id);
if ($user_source != null) {
DB::update('
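Review bot: The pattern `/^\d*$/` on `reset` (and on `arrived` in the next hunk) also matches an empty string, so an empty `reset` value passes the check and `User('')` is looked up. admin_active.php uses `/^\d+$/` for the same kind of id, and using it here keeps the two pages consistent: `if ($request->has('reset') && preg_match('/^\d+$/', $request->input('reset'))) {`. Whether `has()` already rejects empty values cannot be seen from this diff.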
@@ -37,8 +39,8 @@ function admin_arrive()
} else {
$msg = error(_('Angel not found.'), true);
}
- } elseif (isset($_REQUEST['arrived']) && preg_match('/^\d*$/', $_REQUEST['arrived'])) {
- $user_id = $_REQUEST['arrived'];
+ } elseif ($request->has('arrived') && preg_match('/^\d*$/', $request->input('arrived'))) {
+ $user_id = $request->input('arrived');
$user_source = User($user_id);
if ($user_source != null) {
DB::update('
diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php
index daaead22..ebf227a4 100644
--- a/includes/pages/admin_free.php
+++ b/includes/pages/admin_free.php
@@ -16,20 +16,20 @@ function admin_free_title()
function admin_free()
{
global $privileges;
+ $request = request();
$search = '';
- if (isset($_REQUEST['search'])) {
+ if ($request->has('search')) {
$search = strip_request_item('search');
}
$angelTypeSearch = '';
- if (empty($_REQUEST['angeltype'])) {
- $_REQUEST['angeltype'] = '';
- } else {
+ $angelType = $request->input('angeltype', '');
+ if (!empty($angelType)) {
$angelTypeSearch = ' INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = '
- . DB::getPdo()->quote($_REQUEST['angeltype'])
+ . DB::getPdo()->quote($angelType)
. ' AND `UserAngelTypes`.`user_id` = `User`.`UID`';
- if (isset($_REQUEST['confirmed_only'])) {
+ if ($request->has('confirmed_only')) {
$angelTypeSearch .= ' AND `UserAngelTypes`.`confirm_user_id`';
}
$angelTypeSearch .= ') ';
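Review bot: `$angelType` goes from the request into `DB::getPdo()->quote()` and is concatenated into the JOIN without a type or format check. If the parameter arrives as an array rather than a scalar, `!empty()` is still true and `quote()` receives a non-string; the same value is also handed to `form_select()` in the next hunk. Assuming angel type ids are numeric, narrowing the value right after the read covers both uses: `if (!is_string($angelType) || !preg_match('/^\d+$/', $angelType)) { $angelType = ''; }`. admin_free() continues outside this hunk.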
@@ -105,10 +105,10 @@ function admin_free()
form_text('search', _('Search'), $search)
]),
div('col-md-4', [
- form_select('angeltype', _('Angeltype'), $angel_types, $_REQUEST['angeltype'])
+ form_select('angeltype', _('Angeltype'), $angel_types, $angelType)
]),
div('col-md-2', [
- form_checkbox('confirmed_only', _('Only confirmed'), isset($_REQUEST['confirmed_only']))
+ form_checkbox('confirmed_only', _('Only confirmed'), $request->has('confirmed_only'))
]),
div('col-md-2', [
form_submit('submit', _('Search'))
diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php
index 4011ccf1..c483a79d 100644
--- a/includes/pages/admin_groups.php
+++ b/includes/pages/admin_groups.php
@@ -16,8 +16,10 @@ function admin_groups_title()
function admin_groups()
{
$html = '';
+ $request = request();
$groups = DB::select('SELECT * FROM `Groups` ORDER BY `Name`');
- if (!isset($_REQUEST['action'])) {
+
+ if (!$request->has('action')) {
$groups_table = [];
foreach ($groups as $group) {
$privileges = DB::select('
@@ -51,10 +53,10 @@ function admin_groups()
], $groups_table)
]);
} else {
- switch ($_REQUEST['action']) {
+ switch ($request->input('action')) {
case 'edit':
- if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
- $group_id = $_REQUEST['id'];
+ if ($request->has('id') && preg_match('/^-\d{1,11}$/', $request->input('id'))) {
+ $group_id = $request->input('id');
} else {
return error('Incomplete call, missing Groups ID.', true);
}
@@ -99,21 +101,22 @@ function admin_groups()
break;
case 'save':
- if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
- $group_id = $_REQUEST['id'];
+ if ($request->has('id') && preg_match('/^-\d{1,11}$/', $request->input('id'))) {
+ $group_id = $request->input('id');
} else {
return error('Incomplete call, missing Groups ID.', true);
}
$group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]);
- if (!is_array($_REQUEST['privileges'])) {
- $_REQUEST['privileges'] = [];
+ $privileges = $request->get('privileges');
+ if (!is_array($privileges)) {
+ $privileges = [];
}
if (!empty($group)) {
$group = array_shift($group);
DB::delete('DELETE FROM `GroupPrivileges` WHERE `group_id`=?', [$group_id]);
$privilege_names = [];
- foreach ($_REQUEST['privileges'] as $privilege) {
+ foreach ($privileges as $privilege) {
if (preg_match('/^\d{1,}$/', $privilege)) {
$group_privileges_source = DB::select(
'SELECT `name` FROM `Privileges` WHERE `id`=? LIMIT 1',
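Review bot: `privileges` is read with `$request->get('privileges')` while every other read in this commit uses `input()` or `post()`, for example `$request->input('groups')` in admin_user.php. The Request class is not part of this diff, so if `get()` resolves from a different set of sources than `input()`, this one field would behave differently from the rest; `$privileges = $request->input('privileges');` keeps it uniform. Because the `save` case deletes the group's rows before re-inserting, a short comment that a missing or non-array `privileges` clears every privilege of the group would help the next reader.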
diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php
index 7a246b4b..3cbed9f9 100644
--- a/includes/pages/admin_import.php
+++ b/includes/pages/admin_import.php
@@ -15,21 +15,21 @@ function admin_import_title()
*/
function admin_import()
{
- global $rooms_import;
- global $user;
+ global $rooms_import, $user;
$html = '';
$import_dir = __DIR__ . '/../../import';
+ $request = request();
$step = 'input';
if (
- isset($_REQUEST['step'])
- && in_array($step, [
+ $request->has('step')
+ && in_array($request->input('step'), [
'input',
'check',
'import'
])
) {
- $step = $_REQUEST['step'];
+ $step = $request->input('step');
}
if ($test_handle = @fopen($import_dir . '/tmp', 'w')) {
@@ -57,25 +57,25 @@ function admin_import()
case 'input':
$valid = false;
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$valid = true;
- if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
- $shifttype_id = $_REQUEST['shifttype_id'];
+ if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) {
+ $shifttype_id = $request->input('shifttype_id');
} else {
$valid = false;
error(_('Please select a shift type.'));
}
- if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
- $add_minutes_start = trim($_REQUEST['add_minutes_start']);
+ if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) {
+ $add_minutes_start = trim($request->input('add_minutes_start'));
} else {
$valid = false;
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
}
- if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
- $add_minutes_end = trim($_REQUEST['add_minutes_end']);
+ if ($request->has('add_minutes_end') && is_numeric(trim($request->input('add_minutes_end')))) {
+ $add_minutes_end = trim($request->input('add_minutes_end'));
} else {
$valid = false;
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
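Review bot: `is_numeric()` accepts more than whole minutes for `add_minutes_start` and `add_minutes_end`: floats, signed values and exponent notation such as `1e3` all pass. How the values are consumed is outside this hunk, but if they are meant to be integer minutes a digit check is tighter, e.g. `preg_match('/^-?\d+$/', trim($request->input('add_minutes_start')))`. The same validation is repeated in the two following hunks of this file.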
@@ -133,22 +133,22 @@ function admin_import()
redirect(page_link_to('admin_import'));
}
- if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
- $shifttype_id = $_REQUEST['shifttype_id'];
+ if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) {
+ $shifttype_id = $request->input('shifttype_id');
} else {
error(_('Please select a shift type.'));
redirect(page_link_to('admin_import'));
}
- if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
- $add_minutes_start = trim($_REQUEST['add_minutes_start']);
+ if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) {
+ $add_minutes_start = trim($request->input('add_minutes_start'));
} else {
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
redirect(page_link_to('admin_import'));
}
- if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
- $add_minutes_end = trim($_REQUEST['add_minutes_end']);
+ if ($request->has('add_minutes_end') && is_numeric(trim($request->input(('add_minutes_end'))))) {
+ $add_minutes_end = trim($request->input('add_minutes_end'));
} else {
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
redirect(page_link_to('admin_import'));
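Review bot: The `add_minutes_end` condition in this hunk has a redundant pair of parentheses, `$request->input(('add_minutes_end'))`, unlike the otherwise identical checks in the neighbouring hunks; it should read `$request->input('add_minutes_end')`. It is harmless at runtime, but the three copies of this validation block are easy to let drift apart. A small private helper that returns the validated shift type and minute offsets would remove the duplication.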
@@ -227,22 +227,22 @@ function admin_import()
redirect(page_link_to('admin_import'));
}
- if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
- $shifttype_id = $_REQUEST['shifttype_id'];
+ if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) {
+ $shifttype_id = $request->input('shifttype_id');
} else {
error(_('Please select a shift type.'));
redirect(page_link_to('admin_import'));
}
- if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) {
- $add_minutes_start = trim($_REQUEST['add_minutes_start']);
+ if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) {
+ $add_minutes_start = trim($request->input('add_minutes_start'));
} else {
error(_('Please enter an amount of minutes to add to a talk\'s begin.'));
redirect(page_link_to('admin_import'));
}
- if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) {
- $add_minutes_end = trim($_REQUEST['add_minutes_end']);
+ if ($request->has('add_minutes_end') && is_numeric(trim($request->input('add_minutes_end')))) {
+ $add_minutes_end = trim($request->input('add_minutes_end'));
} else {
error(_('Please enter an amount of minutes to add to a talk\'s end.'));
redirect(page_link_to('admin_import'));
diff --git a/includes/pages/admin_log.php b/includes/pages/admin_log.php
index 9e5e5827..03c9abb0 100644
--- a/includes/pages/admin_log.php
+++ b/includes/pages/admin_log.php
@@ -14,7 +14,7 @@ function admin_log_title()
function admin_log()
{
$filter = '';
- if (isset($_REQUEST['keyword'])) {
+ if (request()->has('keyword')) {
$filter = strip_request_item('keyword');
}
$log_entries_source = LogEntries_filter($filter);
diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php
index bc242831..7f8ca1ba 100644
--- a/includes/pages/admin_news.php
+++ b/includes/pages/admin_news.php
@@ -8,14 +8,15 @@ use Engelsystem\Database\DB;
function admin_news()
{
global $user;
+ $request = request();
- if (!isset($_GET['action'])) {
+ if (!$request->has('action')) {
redirect(page_link_to('news'));
}
$html = '<div class="col-md-12"><h1>' . _('Edit news entry') . '</h1>' . msg();
- if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
- $news_id = $_REQUEST['id'];
+ if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
+ $news_id = $request->input('id');
} else {
return error('Incomplete call, missing News ID.', true);
}
@@ -25,7 +26,7 @@ function admin_news()
return error('No News found.', true);
}
- switch ($_REQUEST['action']) {
+ switch ($request->input('action')) {
case 'edit':
$news = array_shift($news);
$user_source = User($news['UID']);
@@ -56,14 +57,14 @@ function admin_news()
',
[
time(),
- $_POST["eBetreff"],
- $_POST["eText"],
+ $request->post('eBetreff'),
+ $request->post('eText'),
$user['UID'],
- isset($_POST["eTreffen"]) ? 1 : 0,
+ $request->has('eTreffen') ? 1 : 0,
$news_id
]
);
- engelsystem_log('News updated: ' . $_POST['eBetreff']);
+ engelsystem_log('News updated: ' . $request->post('eBetreff'));
success(_('News entry updated.'));
redirect(page_link_to('news'));
break;
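Review bot: The `eTreffen` flag is now tested with `$request->has('eTreffen')` where the old code used `isset($_POST["eTreffen"])`, while its neighbours `eBetreff` and `eText` are read with `post()`. The Request class is not visible in this diff, but if `has()` also consults the query string, this one field can be set from the URL while the rest of the update comes from the POST body. Keeping the source uniform avoids that: `$request->post('eTreffen') !== null ? 1 : 0,`. The surrounding `save` case starts outside this hunk.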
diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php
index 098701e3..d05bace6 100644
--- a/includes/pages/admin_questions.php
+++ b/includes/pages/admin_questions.php
@@ -38,8 +38,9 @@ function admin_new_questions()
function admin_questions()
{
global $user;
+ $request = request();
- if (!isset($_REQUEST['action'])) {
+ if (!$request->has('action')) {
$unanswered_questions_table = [];
$questions = DB::select('SELECT * FROM `Questions` WHERE `AID` IS NULL');
foreach ($questions as $question) {
@@ -96,10 +97,10 @@ function admin_questions()
], $answered_questions_table)
]);
} else {
- switch ($_REQUEST['action']) {
+ switch ($request->input('action')) {
case 'answer':
- if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
- $question_id = $_REQUEST['id'];
+ if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
+ $question_id = $request->input('id');
} else {
return error('Incomplete call, missing Question ID.', true);
}
@@ -112,7 +113,7 @@ function admin_questions()
$answer = trim(
preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui",
'',
- strip_tags($_REQUEST['answer'])
+ strip_tags($request->input('answer'))
));
if ($answer != '') {
@@ -138,8 +139,8 @@ function admin_questions()
}
break;
case 'delete':
- if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
- $question_id = $_REQUEST['id'];
+ if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
+ $question_id = $request->input('id');
} else {
return error('Incomplete call, missing Question ID.', true);
}
diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php
index d483f99e..3045242b 100644
--- a/includes/pages/admin_rooms.php
+++ b/includes/pages/admin_rooms.php
@@ -17,6 +17,8 @@ function admin_rooms()
{
$rooms_source = DB::select('SELECT * FROM `Room` ORDER BY `Name`');
$rooms = [];
+ $request = request();
+
foreach ($rooms_source as $room) {
$rooms[] = [
'name' => Room_name_render($room),
@@ -30,7 +32,7 @@ function admin_rooms()
}
$room = null;
- if (isset($_REQUEST['show'])) {
+ if ($request->has('show')) {
$msg = '';
$name = '';
$from_pentabarf = '';
@@ -47,7 +49,7 @@ function admin_rooms()
}
if (test_request_int('id')) {
- $room = Room($_REQUEST['id'], false);
+ $room = Room($request->input('id'), false);
if ($room === false) {
engelsystem_error('Unable to load room.');
}
@@ -55,7 +57,7 @@ function admin_rooms()
redirect(page_link_to('admin_rooms'));
}
- $room_id = $_REQUEST['id'];
+ $room_id = $request->input('id');
$name = $room['Name'];
$from_pentabarf = $room['FromPentabarf'];
$public = $room['show'];
@@ -70,11 +72,11 @@ function admin_rooms()
}
}
- if ($_REQUEST['show'] == 'edit') {
- if (isset($_REQUEST['submit'])) {
+ if ($request->input('show') == 'edit') {
+ if ($request->has('submit')) {
$valid = true;
- if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) {
+ if ($request->has('name') && strlen(strip_request_item('name')) > 0) {
$name = strip_request_item('name');
if (
isset($room)
@@ -91,19 +93,17 @@ function admin_rooms()
$msg .= error(_('Please enter a name.'), true);
}
- if (isset($_REQUEST['from_pentabarf'])) {
+ $from_pentabarf = '';
+ if ($request->has('from_pentabarf')) {
$from_pentabarf = 'Y';
- } else {
- $from_pentabarf = '';
}
- if (isset($_REQUEST['public'])) {
+ $public = '';
+ if ($request->has('public')) {
$public = 'Y';
- } else {
- $public = '';
}
- if (isset($_REQUEST['number'])) {
+ if ($request->has('number')) {
$number = strip_request_item('number');
} else {
$valid = false;
@@ -111,10 +111,10 @@ function admin_rooms()
foreach ($angeltypes as $angeltype_id => $angeltype) {
if (
- isset($_REQUEST['angeltype_count_' . $angeltype_id])
- && preg_match('/^\d{1,4}$/', $_REQUEST['angeltype_count_' . $angeltype_id])
+ $request->has('angeltype_count_' . $angeltype_id)
+ && preg_match('/^\d{1,4}$/', $request->input('angeltype_count_' . $angeltype_id))
) {
- $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
+ $angeltypes_count[$angeltype_id] = $request->input('angeltype_count_' . $angeltype_id);
} else {
$valid = false;
$msg .= error(sprintf(_('Please enter needed angels for type %s.'), $angeltype), true);
@@ -209,8 +209,8 @@ function admin_rooms()
form_submit('submit', _('Save'))
])
]);
- } elseif ($_REQUEST['show'] == 'delete') {
- if (isset($_REQUEST['ack'])) {
+ } elseif ($request->input('show') == 'delete') {
+ if ($request->has('ack')) {
if (!Room_delete($room_id)) {
engelsystem_error('Unable to delete room.');
}
diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php
index 06071233..5b53f9cd 100644
--- a/includes/pages/admin_shifts.php
+++ b/includes/pages/admin_shifts.php
@@ -18,7 +18,7 @@ function admin_shifts_title()
function admin_shifts()
{
$valid = true;
-
+ $request = request();
$start = parse_date('Y-m-d H:i', date('Y-m-d') . ' 00:00');
$end = $start;
$mode = 'single';
@@ -52,14 +52,14 @@ function admin_shifts()
$shifttypes[$shifttype['id']] = $shifttype['name'];
}
- if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) {
- if (isset($_REQUEST['shifttype_id'])) {
- $shifttype = ShiftType($_REQUEST['shifttype_id']);
+ if ($request->has('preview') || $request->has('back')) {
+ if ($request->has('shifttype_id')) {
+ $shifttype = ShiftType($request->input('shifttype_id'));
if ($shifttype == null) {
$valid = false;
error(_('Please select a shift type.'));
} else {
- $shifttype_id = $_REQUEST['shifttype_id'];
+ $shifttype_id = $request->input('shifttype_id');
}
} else {
$valid = false;
@@ -71,25 +71,25 @@ function admin_shifts()
// Auswahl der sichtbaren Locations für die Schichten
if (
- isset($_REQUEST['rid'])
- && preg_match('/^\d+$/', $_REQUEST['rid'])
- && isset($room_array[$_REQUEST['rid']])
+ $request->has('rid')
+ && preg_match('/^\d+$/', $request->input('rid'))
+ && isset($room_array[$request->input('rid')])
) {
- $rid = $_REQUEST['rid'];
+ $rid = $request->input('rid');
} else {
$valid = false;
$rid = $rooms[0]['RID'];
error(_('Please select a location.'));
}
- if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) {
+ if ($request->has('start') && $tmp = parse_date('Y-m-d H:i', $request->input('start'))) {
$start = $tmp;
} else {
$valid = false;
error(_('Please select a start time.'));
}
- if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) {
+ if ($request->has('end') && $tmp = parse_date('Y-m-d H:i', $request->input('end'))) {
$end = $tmp;
} else {
$valid = false;
@@ -101,24 +101,24 @@ function admin_shifts()
error(_('The shifts end has to be after its start.'));
}
- if (isset($_REQUEST['mode'])) {
- if ($_REQUEST['mode'] == 'single') {
+ if ($request->has('mode')) {
+ if ($request->input('mode') == 'single') {
$mode = 'single';
- } elseif ($_REQUEST['mode'] == 'multi') {
- if (isset($_REQUEST['length']) && preg_match('/^\d+$/', trim($_REQUEST['length']))) {
+ } elseif ($request->input('mode') == 'multi') {
+ if ($request->has('length') && preg_match('/^\d+$/', trim($request->input('length')))) {
$mode = 'multi';
- $length = trim($_REQUEST['length']);
+ $length = trim($request->input('length'));
} else {
$valid = false;
error(_('Please enter a shift duration in minutes.'));
}
- } elseif ($_REQUEST['mode'] == 'variable') {
+ } elseif ($request->input('mode') == 'variable') {
if (
- isset($_REQUEST['change_hours'])
- && preg_match('/^(\d{2}(,|$))/', trim(str_replace(' ', '', $_REQUEST['change_hours'])))
+ $request->has('change_hours')
+ && preg_match('/^(\d{2}(,|$))/', trim(str_replace(' ', '', $request->input('change_hours'))))
) {
$mode = 'variable';
- $change_hours = array_map('trim', explode(',', $_REQUEST['change_hours']));
+ $change_hours = array_map('trim', explode(',', $request->input('change_hours')));
} else {
$valid = false;
error(_('Please split the shift-change hours by colons.'));
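Review bot: The `change_hours` pattern `/^(\d{2}(,|$))/` is anchored only at the start, so it checks just the first entry; anything after the first comma is accepted and then split into `$change_hours`. The check also runs on a copy with spaces removed while `explode()` runs on the raw value. Validating the whole list with `preg_match('/^\d{2}(,\d{2})*$/', str_replace(' ', '', $request->input('change_hours')))` and exploding that same normalised string would make the check match what is used. How `$change_hours` is consumed is outside this hunk.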
@@ -129,17 +129,17 @@ function admin_shifts()
error(_('Please select a mode.'));
}
- if (isset($_REQUEST['angelmode'])) {
- if ($_REQUEST['angelmode'] == 'location') {
+ if ($request->has('angelmode')) {
+ if ($request->input('angelmode') == 'location') {
$angelmode = 'location';
- } elseif ($_REQUEST['angelmode'] == 'manually') {
+ } elseif ($request->input('angelmode') == 'manually') {
$angelmode = 'manually';
foreach ($types as $type) {
if (
- isset($_REQUEST['type_' . $type['id']])
- && preg_match('/^\d+$/', trim($_REQUEST['type_' . $type['id']]))
+ $request->has('type_' . $type['id'])
+ && preg_match('/^\d+$/', trim($request->input('type_' . $type['id'])))
) {
- $needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
+ $needed_angel_types[$type['id']] = trim($request->input('type_' . $type['id']));
} else {
$valid = false;
error(sprintf(_('Please check the needed angels for team %s.'), $type['name']));
@@ -159,7 +159,7 @@ function admin_shifts()
}
// Beim Zurück-Knopf das Formular zeigen
- if (isset($_REQUEST['back'])) {
+ if ($request->has('back')) {
$valid = false;
}
@@ -304,9 +304,9 @@ function admin_shifts()
])
]);
}
- } elseif (isset($_REQUEST['submit'])) {
+ } elseif ($request->has('submit')) {
if (
- !isset($_SESSION['admin_shifts_shifts'])
+ !$request->has('admin_shifts_shifts')
|| !isset($_SESSION['admin_shifts_types'])
|| !is_array($_SESSION['admin_shifts_shifts'])
|| !is_array($_SESSION['admin_shifts_types'])
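Review bot: `!$request->has('admin_shifts_shifts')` replaces what was a session check, `!isset($_SESSION['admin_shifts_shifts'])`, while the three conditions below it still read `$_SESSION`. `admin_shifts_shifts` is server-side state rather than a form field, so as written the guard depends on a request parameter of that name being present, and an ordinary submit would presumably take the rejection path. The line should stay a session lookup: `!isset($_SESSION['admin_shifts_shifts'])`. The branch body is outside this hunk.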
@@ -360,8 +360,9 @@ function admin_shifts()
unset($_SESSION['admin_shifts_types']);
}
- if (!isset($_REQUEST['rid'])) {
- $_REQUEST['rid'] = null;
+ $rid = null;
+ if ($request->has('rid')) {
+ $rid = $request->input('rid');
}
$angel_types = '';
foreach ($types as $type) {
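Review bot: Assigning the raw request value to `$rid` here reuses the name that the preview branch earlier in the function sets to a validated room id, or to `$rooms[0]['RID']` when validation fails. The old code kept the unvalidated value in `$_REQUEST['rid']` and used it only to pre-select the form; now any later use of `$rid` sees unvalidated input, and the fallback chosen during validation is overwritten. The code between the hunks is not visible, but a separate name avoids the question, e.g. `$selected_rid = $request->input('rid');` passed to `form_select('rid', _('Room'), $room_array, $selected_rid)` in the next hunk.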
@@ -378,7 +379,7 @@ function admin_shifts()
form([
form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id),
form_text('title', _('Title'), $title),
- form_select('rid', _('Room'), $room_array, $_REQUEST['rid']),
+ form_select('rid', _('Room'), $room_array, $rid),
div('row', [
div('col-md-6', [
form_text('start', _('Start'), date('Y-m-d H:i', $start)),
@@ -386,7 +387,7 @@ function admin_shifts()
form_info(_('Mode'), ''),
form_radio('mode', _('Create one shift'), $mode == 'single', 'single'),
form_radio('mode', _('Create multiple shifts'), $mode == 'multi', 'multi'),
- form_text('length', _('Length'), !empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'),
+ form_text('length', _('Length'), $request->has('length') ? $request->input('length') : '120'),
form_radio(
'mode',
_('Create multiple shifts with variable length'),
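Review bot: `$request->has('length')` is not equivalent to the `!empty($_REQUEST['length'])` it replaces: a submitted but empty `length` used to fall back to `'120'`, and depending on how `has()` treats empty strings (not shown in this diff) the field may now be rendered empty. The same substitution is made for `change_hours` in the next hunk. If the default should still apply to empty input, `form_text('length', _('Length'), $request->input('length') ?: '120'),` preserves the old behaviour.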
@@ -396,7 +397,7 @@ function admin_shifts()
form_text(
'change_hours',
_('Shift change hours'),
- !empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'
+ $request->has('change_hours') ? $request->input('input') : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'
)
]),
div('col-md-6', [
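Review bot: The `change_hours` field is pre-filled from the wrong key: `$request->input('input')` should be `$request->input('change_hours')`. As written, a submitted value is dropped and the field is rendered from a parameter named `input`, which no visible form element defines. The corrected expression is `$request->has('change_hours') ? $request->input('change_hours') : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22'`.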
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 8f833087..510e2292 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -17,6 +17,7 @@ function admin_user()
{
global $user, $privileges;
$tshirt_sizes = config('tshirt_sizes');
+ $request = request();
foreach ($tshirt_sizes as $key => $size) {
if (empty($size)) {
@@ -26,12 +27,12 @@ function admin_user()
$html = '';
- if (!isset($_REQUEST['id'])) {
+ if (!$request->has('id')) {
redirect(users_link());
}
- $user_id = $_REQUEST['id'];
- if (!isset($_REQUEST['action'])) {
+ $user_id = $request->input('id');
+ if (!$request->has('action')) {
$user_source = User($user_id);
if ($user_source == null) {
error(_('This user does not exist.'));
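Review bot: `$user_id` is taken from `$request->input('id')` without the digit check that the other admin pages in this commit apply (`preg_match('/^\d{1,11}$/', …)` in admin_news.php and admin_questions.php). It is then used for user lookups, for the `DELETE FROM UserGroups` statement, and in the loose comparison `$user_id != $user['UID']` that gates the `save_groups` branch, where PHP's comparison and the database's own coercion need not agree on a non-canonical string. Validating once at the top keeps them in agreement: `if (!$request->has('id') || !preg_match('/^\d{1,11}$/', $request->input('id'))) { redirect(users_link()); }`. admin_user() continues well beyond this hunk.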
@@ -171,7 +172,7 @@ function admin_user()
$html .= "<hr />";
} else {
- switch ($_REQUEST['action']) {
+ switch ($request->input('action')) {
case 'save_groups':
if ($user_id != $user['UID']) {
$my_highest_group = DB::select(
@@ -212,13 +213,14 @@ function admin_user()
$grouplist[] = $group['UID'];
}
- if (!is_array($_REQUEST['groups'])) {
- $_REQUEST['groups'] = [];
+ $groupsRequest = $request->input('groups');
+ if (!is_array($groupsRequest)) {
+ $groupsRequest = [];
}
DB::delete('DELETE FROM `UserGroups` WHERE `uid`=?', [$user_id]);
$user_groups_info = [];
- foreach ($_REQUEST['groups'] as $group) {
+ foreach ($groupsRequest as $group) {
if (in_array($group, $grouplist)) {
DB::insert(
'INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, ?)',
@@ -244,7 +246,7 @@ function admin_user()
$force_active = $user['force_active'];
$user_source = User($user_id);
if (in_array('admin_active', $privileges)) {
- $force_active = $_REQUEST['force_active'];
+ $force_active = $request->input('force_active');
}
$sql = '
UPDATE `User` SET
@@ -255,7 +257,7 @@ function admin_user()
`Handy` = ?,
`Alter` =?,
`DECT` = ?,
- ' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($_POST["eemail"]) . ',' : '') . '
+ ' . ($user_source['email_by_human_allowed'] ? '`email` = ' . DB::getPdo()->quote($request->post('eemail')) . ',' : '') . '
`jabber` = ?,
`Size` = ?,
`Gekommen`= ?,
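Review bot: The `email` column is the only value in this UPDATE that is spliced into the SQL text, via `DB::getPdo()->quote($request->post('eemail'))`, instead of being bound like the others. `quote()` handles strings correctly, but `post('eemail')` may be absent or not a string, and mixing two mechanisms in one statement is easy to get wrong on the next edit. Emitting the column with a `?` placeholder and adding the address to the parameter array only when `email_by_human_allowed` is set would make the statement uniform. The address could also be passed through the `check_email()` helper that guest_login.php uses before it is stored. The parameter array itself is in the next hunk.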
@@ -266,34 +268,34 @@ function admin_user()
WHERE `UID` = ?
LIMIT 1';
DB::update($sql, [
- $_POST['eNick'],
- $_POST['eName'],
- $_POST['eVorname'],
- $_POST['eTelefon'],
- $_POST['eHandy'],
- $_POST['eAlter'],
- $_POST['eDECT'],
- $_POST['ejabber'],
- $_POST['eSize'],
- $_POST['eGekommen'],
- $_POST['eAktiv'],
+ $request->post('eNick'),
+ $request->post('eName'),
+ $request->post('eVorname'),
+ $request->post('eTelefon'),
+ $request->post('eHandy'),
+ $request->post('eAlter'),
+ $request->post('eDECT'),
+ $request->post('ejabber'),
+ $request->post('eSize'),
+ $request->post('eGekommen'),
+ $request->post('eAktiv'),
$force_active,
- $_POST['eTshirt'],
- $_POST['Hometown'],
+ $request->post('eTshirt'),
+ $request->post('Hometown'),
$user_id,
]);
engelsystem_log(
- 'Updated user: ' . $_POST['eNick'] . ', ' . $_POST['eSize']
- . ', arrived: ' . $_POST['eGekommen']
- . ', active: ' . $_POST['eAktiv']
- . ', tshirt: ' . $_POST['eTshirt']
+ 'Updated user: ' . $request->post('eNick') . ', ' . $request->post('eSize')
+ . ', arrived: ' . $request->post('eVorname')
+ . ', active: ' . $request->post('eAktiv')
+ . ', tshirt: ' . $request->post('eTshirt')
);
$html .= success('Änderung wurde gespeichert...' . "\n", true);
break;
case 'change_pw':
- if ($_REQUEST['new_pw'] != '' && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
- set_password($user_id, $_REQUEST['new_pw']);
+ if ($request->post('new_pw') != '' && $request->post('new_pw') == $request->post('new_pw2')) {
+ set_password($user_id, $request->post('new_pw'));
$user_source = User($user_id);
engelsystem_log('Set new password for ' . User_Nick_render($user_source));
$html .= success('Passwort neu gesetzt.', true);
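Review bot: The audit line now logs `$request->post('eVorname')` under the label `arrived:`; the removed line logged `eGekommen` and the UPDATE above still writes `eGekommen`, so this looks like a slip that records the first name in place of the arrival flag. It should read `. ', arrived: ' . $request->post('eGekommen')`. In the `change_pw` case the two passwords are compared with `==`, which lets PHP compare numeric-looking strings by value; `$request->post('new_pw') === $request->post('new_pw2')` compares them byte for byte. The function continues outside this hunk.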
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
index 99970a01..858ced80 100644
--- a/includes/pages/guest_login.php
+++ b/includes/pages/guest_login.php
@@ -38,6 +38,7 @@ function guest_register()
$enable_tshirt_size = config('enable_tshirt_size');
$min_password_length = config('min_password_length');
$event_config = EventConfig();
+ $request = request();
$msg = '';
$nick = '';
@@ -73,11 +74,11 @@ function guest_register()
}
}
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$valid = true;
- if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 1) {
- $nick = User_validate_Nick($_REQUEST['nick']);
+ if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 1) {
+ $nick = User_validate_Nick($request->input('nick'));
if (count(DB::select('SELECT `UID` FROM `User` WHERE `Nick`=? LIMIT 1', [$nick])) > 0) {
$valid = false;
$msg .= error(sprintf(_('Your nick &quot;%s&quot; already exists.'), $nick), true);
@@ -86,11 +87,11 @@ function guest_register()
$valid = false;
$msg .= error(sprintf(
_('Your nick &quot;%s&quot; is too short (min. 2 characters).'),
- User_validate_Nick($_REQUEST['nick'])
+ User_validate_Nick($request->input('nick'))
), true);
}
- if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
+ if ($request->has('mail') && strlen(strip_request_item('mail')) > 0) {
$mail = strip_request_item('mail');
if (!check_email($mail)) {
$valid = false;
@@ -101,15 +102,15 @@ function guest_register()
$msg .= error(_('Please enter your e-mail.'), true);
}
- if (isset($_REQUEST['email_shiftinfo'])) {
+ if ($request->has('email_shiftinfo')) {
$email_shiftinfo = true;
}
- if (isset($_REQUEST['email_by_human_allowed'])) {
+ if ($request->has('email_by_human_allowed')) {
$email_by_human_allowed = true;
}
- if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
+ if ($request->has('jabber') && strlen(strip_request_item('jabber')) > 0) {
$jabber = strip_request_item('jabber');
if (!check_email($jabber)) {
$valid = false;
@@ -118,16 +119,16 @@ function guest_register()
}
if ($enable_tshirt_size) {
- if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') {
- $tshirt_size = $_REQUEST['tshirt_size'];
+ if ($request->has('tshirt_size') && isset($tshirt_sizes[$request->input('tshirt_size')])) {
+ $tshirt_size = $request->input('tshirt_size');
} else {
$valid = false;
$msg .= error(_('Please select your shirt size.'), true);
}
}
- if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) {
- if ($_REQUEST['password'] != $_REQUEST['password2']) {
+ if ($request->has('password') && strlen($request->post('password')) >= $min_password_length) {
+ if ($request->post('password') != $request->post('password2')) {
$valid = false;
$msg .= error(_('Your passwords don\'t match.'), true);
}
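Review bot: The confirmation check `$request->post('password') != $request->post('password2')` uses a loose comparison, so two different numeric-looking strings (constructed example: `0e1234` and `0e5678`) compare equal and a mistyped confirmation is accepted; use `!==`. The same comparison is carried over in the user_settings_password hunk of user_settings.php (`new_password` against `new_password2`). In this hunk the shirt-size condition also drops the old `!= ''` test, so if `$tshirt_sizes` contains an empty-string placeholder key and `has()` is true for an empty value (neither is visible here), an empty selection would now pass. The body of guest_register continues outside the hunk.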
@@ -139,8 +140,8 @@ function guest_register()
), true);
}
- if (isset($_REQUEST['planned_arrival_date'])) {
- $tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_arrival_date'] . ' 00:00');
+ if ($request->has('planned_arrival_date')) {
+ $tmp = parse_date('Y-m-d H:i', $request->input('planned_arrival_date') . ' 00:00');
$result = User_validate_planned_arrival_date($tmp);
$planned_arrival_date = $result->getValue();
if (!$result->isValid()) {
@@ -151,34 +152,34 @@ function guest_register()
$selected_angel_types = [];
foreach (array_keys($angel_types) as $angel_type_id) {
- if (isset($_REQUEST['angel_types_' . $angel_type_id])) {
+ if ($request->has('angel_types_' . $angel_type_id)) {
$selected_angel_types[] = $angel_type_id;
}
}
// Trivia
- if (isset($_REQUEST['lastname'])) {
+ if ($request->has('lastname')) {
$lastName = strip_request_item('lastname');
}
- if (isset($_REQUEST['prename'])) {
+ if ($request->has('prename')) {
$preName = strip_request_item('prename');
}
- if (isset($_REQUEST['age']) && preg_match('/^\d{0,4}$/', $_REQUEST['age'])) {
+ if ($request->has('age') && preg_match('/^\d{0,4}$/', $request->input('age'))) {
$age = strip_request_item('age');
}
- if (isset($_REQUEST['tel'])) {
+ if ($request->has('tel')) {
$tel = strip_request_item('tel');
}
- if (isset($_REQUEST['dect'])) {
+ if ($request->has('dect')) {
$dect = strip_request_item('dect');
}
- if (isset($_REQUEST['mobile'])) {
+ if ($request->has('mobile')) {
$mobile = strip_request_item('mobile');
}
- if (isset($_REQUEST['hometown'])) {
+ if ($request->has('hometown')) {
$hometown = strip_request_item('hometown');
}
- if (isset($_REQUEST['comment'])) {
+ if ($request->has('comment')) {
$comment = strip_request_item_nl('comment');
}
@@ -233,7 +234,7 @@ function guest_register()
// Assign user-group and set password
$user_id = DB::getPdo()->lastInsertId();
DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -2)', [$user_id]);
- set_password($user_id, $_REQUEST['password']);
+ set_password($user_id, $request->post('password'));
// Assign angel-types
$user_angel_types_info = [];
@@ -391,18 +392,18 @@ function guest_logout()
function guest_login()
{
$nick = '';
-
+ $request = request();
unset($_SESSION['uid']);
$valid = true;
- if (isset($_REQUEST['submit'])) {
- if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) {
- $nick = User_validate_Nick($_REQUEST['nick']);
+ if ($request->has('submit')) {
+ if ($request->has('nick') && strlen(User_validate_Nick($request->input('nick'))) > 0) {
+ $nick = User_validate_Nick($request->input('nick'));
$login_user = DB::select('SELECT * FROM `User` WHERE `Nick`=?', [$nick]);
if (count($login_user) > 0) {
$login_user = $login_user[0];
- if (isset($_REQUEST['password'])) {
- if (!verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
+ if ($request->has('password')) {
+ if (!verify_password($request->post('password'), $login_user['Passwort'], $login_user['UID'])) {
$valid = false;
error(_('Your password is incorrect. Please try it again.'));
}
@@ -487,6 +488,6 @@ function get_register_hint()
]);
}
- //FIXME: return error(_('Registration is disabled.'), true);
+ //@TODO: FIXME: return error(_('Registration is disabled.'), true);
return error('Registration is <a href="https://engelsystem.de/33c3/overwhelmed.html">disabled</a>.', true);
}
diff --git a/includes/pages/guest_stats.php b/includes/pages/guest_stats.php
index 6b6f0572..8aa6f740 100644
--- a/includes/pages/guest_stats.php
+++ b/includes/pages/guest_stats.php
@@ -5,9 +5,10 @@ use Engelsystem\Database\DB;
function guest_stats()
{
$apiKey = config('api_key');
+ $request = request();
- if (isset($_REQUEST['api_key'])) {
- if ($_REQUEST['api_key'] == $apiKey && !empty($apiKey)) {
+ if ($request->has('api_key')) {
+ if (!empty($apiKey) && $request->input('api_key') == $apiKey) {
$stats = [];
list($user_count) = DB::select('SELECT count(*) AS `user_count` FROM `User`');
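Review bot: The API key check `$request->input('api_key') == $apiKey` compares a secret with a loose, non-constant-time `==`. Type juggling can make unequal numeric-looking strings compare equal, and the comparison time depends on how much of the value matches. Prefer `if (!empty($apiKey) && hash_equals((string)$apiKey, (string)$request->input('api_key'))) {`; the casts are there because hash_equals() accepts only strings. The body of guest_stats continues past the hunk.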
diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php
index d7c77d52..a1e2580a 100644
--- a/includes/pages/user_atom.php
+++ b/includes/pages/user_atom.php
@@ -3,16 +3,17 @@
use Engelsystem\Database\DB;
/**
- * Publically available page to feed the news to feedreaders
+ * Publically available page to feed the news to feed readers
*/
function user_atom()
{
global $user;
+ $request = request();
- if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
+ if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) {
engelsystem_error('Missing key.');
}
- $key = $_REQUEST['key'];
+ $key = $request->input('key');
$user = User_by_api_key($key);
if ($user == null) {
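Review bot: The key pattern `/^[\da-f]{32}$/` accepts a value with a trailing newline, because `$` without the `D` modifier also matches before a final line break, and that value is then passed unchanged to `User_by_api_key()`. Anchoring it as `/^[\da-f]{32}$/D` makes the check exact. The same pattern is used in the user_ical.php hunk. How the lookup treats the extra byte is not visible here, so this is hardening rather than a demonstrated bypass.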
@@ -25,7 +26,7 @@ function user_atom()
$news = DB::select('
SELECT *
FROM `News`
- ' . (empty($_REQUEST['meetings']) ? '' : 'WHERE `Treffen` = 1 ') . '
+ ' . (!$request->has('meetings') ? '' : 'WHERE `Treffen` = 1 ') . '
ORDER BY `ID`
DESC LIMIT ' . (int)config('display_news')
);
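Review bot: Replacing `empty($_REQUEST['meetings'])` with `!$request->has('meetings')` changes which requests get the meetings filter. A request with `meetings=0` or an empty `meetings=` used to return all news and would now be restricted, assuming `has()` only tests presence (its implementation is not part of this diff). If the old behaviour is intended, keep the truthiness test with `empty($request->input('meetings'))`. Otherwise say in the commit message that feed URLs carrying `meetings=0` now behave differently.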
diff --git a/includes/pages/user_ical.php b/includes/pages/user_ical.php
index ce474a9e..8d22c4eb 100644
--- a/includes/pages/user_ical.php
+++ b/includes/pages/user_ical.php
@@ -6,11 +6,12 @@
function user_ical()
{
global $user;
+ $request = request();
- if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
+ if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) {
engelsystem_error('Missing key.');
}
- $key = $_REQUEST['key'];
+ $key = $request->input('key');
$user = User_by_api_key($key);
if ($user == null) {
diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php
index dd22cd66..a811970d 100644
--- a/includes/pages/user_messages.php
+++ b/includes/pages/user_messages.php
@@ -35,8 +35,9 @@ function user_unread_messages()
function user_messages()
{
global $user;
+ $request = request();
- if (!isset($_REQUEST['action'])) {
+ if (!$request->has('action')) {
$users = DB::select(
'SELECT `UID`, `Nick` FROM `User` WHERE NOT `UID`=? ORDER BY `Nick`',
[$user['UID']]
@@ -121,10 +122,10 @@ function user_messages()
], page_link_to('user_messages') . '&action=send')
]);
} else {
- switch ($_REQUEST['action']) {
+ switch ($request->input('action')) {
case 'read':
- if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
- $message_id = $_REQUEST['id'];
+ if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
+ $message_id = $request->input('id');
} else {
return error(_('Incomplete call, missing Message ID.'), true);
}
@@ -145,8 +146,8 @@ function user_messages()
break;
case 'delete':
- if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
- $message_id = $_REQUEST['id'];
+ if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
+ $message_id = $request->input('id');
} else {
return error(_('Incomplete call, missing Message ID.'), true);
}
@@ -164,7 +165,8 @@ function user_messages()
break;
case 'send':
- if (Message_send($_REQUEST['to'], $_REQUEST['text'])) {
+ // @TODO: Validation?
+ if (Message_send($request->input('to'), $request->input('text'))) {
redirect(page_link_to('user_messages'));
} else {
return error(_('Transmitting was terminated with an Error.'), true);
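Review bot: The `send` case passes `$request->input('to')` and `$request->input('text')` to `Message_send()` unchecked, while `read` and `delete` validate `id` with `preg_match('/^\d{1,11}$/', ...)`; the added `@TODO` records the gap but leaves it open. Applying the same numeric check to `to` and rejecting an empty `text` through the existing error return would close it, unless `Message_send()` already validates both (not visible here). Separately, `input()` presumably also reads query parameters, so both `send` and `delete` can be triggered by a plain link. No CSRF token check is visible in these hunks, so consider reading these values with `$request->post()`. The switch continues outside the hunk.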
diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php
index 6048093a..14b5b8ee 100644
--- a/includes/pages/user_myshifts.php
+++ b/includes/pages/user_myshifts.php
@@ -18,14 +18,15 @@ function myshifts_title()
function user_myshifts()
{
global $user, $privileges;
+ $request = request();
if (
- isset($_REQUEST['id'])
+ $request->has('id')
&& in_array('user_shifts_admin', $privileges)
- && preg_match('/^\d{1,}$/', $_REQUEST['id'])
- && count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=?', [$_REQUEST['id']])) > 0
+ && preg_match('/^\d{1,}$/', $request->input('id'))
+ && count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=?', [$request->input('id')])) > 0
) {
- $user_id = $_REQUEST['id'];
+ $user_id = $request->input('id');
} else {
$user_id = $user['UID'];
}
@@ -33,8 +34,8 @@ function user_myshifts()
$shifts_user = DB::select('SELECT * FROM `User` WHERE `UID`=? LIMIT 1', [$user_id]);
$shifts_user = array_shift($shifts_user);
- if (isset($_REQUEST['reset'])) {
- if ($_REQUEST['reset'] == 'ack') {
+ if ($request->has('reset')) {
+ if ($request->input('reset') == 'ack') {
User_reset_api_key($user);
success(_('Key changed.'));
redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']);
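Review bot: The API key reset is triggered by `reset=ack` read through `$request->input()`, and the confirmation button in the next hunk is a plain link ending in `&reset=ack`, so this state change is reachable with a GET request. No CSRF token check is visible here. Consider turning the confirmation into a POST form and testing `$request->post('reset') === 'ack'`. Also, `User_reset_api_key($user)` acts on the logged-in user while the redirect uses `$shifts_user['UID']`, which can differ when an admin passes `id`; confirm which account is meant. The body of user_myshifts continues outside the hunk.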
@@ -46,8 +47,8 @@ function user_myshifts()
),
button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger')
]);
- } elseif (isset($_REQUEST['edit']) && preg_match('/^\d*$/', $_REQUEST['edit'])) {
- $user_id = $_REQUEST['edit'];
+ } elseif ($request->has('edit') && preg_match('/^\d*$/', $request->input('edit'))) {
+ $user_id = $request->input('edit');
$shift = DB::select('
SELECT
`ShiftEntry`.`freeloaded`,
@@ -77,10 +78,10 @@ function user_myshifts()
$freeloaded = $shift['freeloaded'];
$freeload_comment = $shift['freeload_comment'];
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$valid = true;
if (in_array('user_shifts_admin', $privileges)) {
- $freeloaded = isset($_REQUEST['freeloaded']);
+ $freeloaded = $request->has('freeloaded');
$freeload_comment = strip_request_item_nl('freeload_comment');
if ($freeloaded && $freeload_comment == '') {
$valid = false;
@@ -128,8 +129,8 @@ function user_myshifts()
} else {
redirect(page_link_to('user_myshifts'));
}
- } elseif (isset($_REQUEST['cancel']) && preg_match('/^\d*$/', $_REQUEST['cancel'])) {
- $user_id = $_REQUEST['cancel'];
+ } elseif ($request->has('cancel') && preg_match('/^\d*$/', $request->input('cancel'))) {
+ $user_id = $request->input('cancel');
$shift = DB::select('
SELECT *
FROM `Shifts`
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php
index b1e337b6..9bdcb6fb 100644
--- a/includes/pages/user_news.php
+++ b/includes/pages/user_news.php
@@ -33,9 +33,10 @@ function user_meetings()
{
$display_news = config('display_news');
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
+ $request = request();
- if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
- $page = $_REQUEST['page'];
+ if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) {
+ $page = $request->input('page');
} else {
$page = 0;
}
@@ -56,9 +57,9 @@ function user_meetings()
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
$html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i++) {
- if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
+ if ($request->has('page') && $i == $request->input('page')) {
$html .= '<li class="active">';
- } elseif (!isset($_REQUEST['page']) && $i == 0) {
+ } elseif (!$request->has('page') && $i == 0) {
$html .= '<li class="active">';
} else {
$html .= '<li>';
@@ -116,17 +117,19 @@ function user_news_comments()
{
global $user;
+ $request = request();
+
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
if (
- isset($_REQUEST['nid'])
- && preg_match('/^\d{1,}$/', $_REQUEST['nid'])
- && count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$_REQUEST['nid']])) > 0
+ $request->has('nid')
+ && preg_match('/^\d{1,}$/', $request->input('nid'))
+ && count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$request->input('nid')])) > 0
) {
- $nid = $_REQUEST['nid'];
+ $nid = $request->input('nid');
$news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$nid]);
$news = array_shift($news);
- if (isset($_REQUEST['text'])) {
- $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
+ if ($request->has('text')) {
+ $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($request->input('text')));
DB::insert('
INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`)
VALUES (?, ?, ?, ?)
@@ -179,12 +182,14 @@ function user_news()
{
global $privileges, $user;
$display_news = config('display_news');
+ $request = request();
$html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg();
- if (isset($_POST['text']) && isset($_POST['betreff']) && in_array('admin_news', $privileges)) {
- if (!isset($_POST['treffen']) || !in_array('admin_news', $privileges)) {
- $_POST['treffen'] = 0;
+ $isMeeting = $request->post('treffen');
+ if ($request->has('text') && $request->has('betreff') && in_array('admin_news', $privileges)) {
+ if (!$request->has('treffen') || !in_array('admin_news', $privileges)) {
+ $isMeeting = 0;
}
DB::insert('
INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`)
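Review bot: The guard tests `$request->has('text')` and `$request->has('betreff')`, but the insert in the next hunk reads `$request->post('betreff')` and `$request->post('text')`. If `has()` also considers query parameters (not visible in this diff), a request carrying them only in the URL would insert null values, so check and read from the same source. `$isMeeting` is also taken from `$request->post('treffen')` unmodified and written to the Treffen column. Using `$isMeeting = (int)$request->post('treffen');` would normalise it and make the inner `if` unnecessary, since its `in_array('admin_news', $privileges)` test only repeats the outer condition.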
@@ -192,19 +197,19 @@ function user_news()
',
[
time(),
- $_POST['betreff'],
- $_POST['text'],
+ $request->post('betreff'),
+ $request->post('text'),
$user['UID'],
- $_POST['treffen'],
+ $isMeeting,
]
);
- engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $_POST['treffen']);
+ engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $isMeeting);
success(_('Entry saved.'));
redirect(page_link_to('news'));
}
- if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
- $page = $_REQUEST['page'];
+ if ($request->has('page') && preg_match('/^\d{1,}$/', $request->input('page'))) {
+ $page = $request->input('page');
} else {
$page = 0;
}
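Review bot: The log call still reads `$_POST['betreff']` directly although the rest of the function now goes through `$request`; use `engelsystem_log('Created news: ' . $request->post('betreff') . ', treffen: ' . $isMeeting);`. The subject is user-supplied text written into the log. Removing line breaks from it before logging keeps one entry per event, unless engelsystem_log() already does so (not visible here). The body of user_news continues outside the hunk.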
@@ -225,9 +230,9 @@ function user_news()
$dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news);
$html .= '<div class="text-center">' . '<ul class="pagination">';
for ($i = 0; $i < $dis_rows; $i++) {
- if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) {
+ if ($request->has('page') && $i == $request->input('page')) {
$html .= '<li class="active">';
- } elseif (!isset($_REQUEST['page']) && $i == 0) {
+ } elseif (!$request->has('page') && $i == 0) {
$html .= '<li class="active">';
} else {
$html .= '<li>';
diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php
index 5cb60db3..fdf76aee 100644
--- a/includes/pages/user_questions.php
+++ b/includes/pages/user_questions.php
@@ -16,8 +16,9 @@ function questions_title()
function user_questions()
{
global $user;
+ $request = request();
- if (!isset($_REQUEST['action'])) {
+ if (!$request->has('action')) {
$open_questions = DB::select(
'SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=?',
[$user['UID']]
@@ -34,7 +35,7 @@ function user_questions()
return Questions_view($open_questions, $answered_questions, page_link_to('user_questions') . '&action=ask');
} else {
- switch ($_REQUEST['action']) {
+ switch ($request->input('action')) {
case 'ask':
$question = strip_request_item_nl('question');
if ($question != '') {
@@ -56,8 +57,8 @@ function user_questions()
}
break;
case 'delete':
- if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
- $question_id = $_REQUEST['id'];
+ if ($request->has('id') && preg_match('/^\d{1,11}$/', $request->input('id'))) {
+ $question_id = $request->input('id');
} else {
return error(_('Incomplete call, missing Question ID.'), true);
}
diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php
index a2a486f4..69e5a7fb 100644
--- a/includes/pages/user_settings.php
+++ b/includes/pages/user_settings.php
@@ -21,9 +21,10 @@ function settings_title()
function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
{
$valid = true;
+ $request = request();
- if (isset($_REQUEST['mail'])) {
- $result = User_validate_mail($_REQUEST['mail']);
+ if ($request->has('mail')) {
+ $result = User_validate_mail($request->input('mail'));
$user_source['email'] = $result->getValue();
if (!$result->isValid()) {
$valid = false;
@@ -34,11 +35,11 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
error(_('Please enter your e-mail.'));
}
- $user_source['email_shiftinfo'] = isset($_REQUEST['email_shiftinfo']);
- $user_source['email_by_human_allowed'] = isset($_REQUEST['email_by_human_allowed']);
+ $user_source['email_shiftinfo'] = $request->has('email_shiftinfo');
+ $user_source['email_by_human_allowed'] = $request->has('email_by_human_allowed');
- if (isset($_REQUEST['jabber'])) {
- $result = User_validate_jabber($_REQUEST['jabber']);
+ if ($request->has('jabber')) {
+ $result = User_validate_jabber($request->input('jabber'));
$user_source['jabber'] = $result->getValue();
if (!$result->isValid()) {
$valid = false;
@@ -46,14 +47,14 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
}
}
- if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) {
- $user_source['Size'] = $_REQUEST['tshirt_size'];
+ if ($request->has('tshirt_size') && isset($tshirt_sizes[$request->input('tshirt_size')])) {
+ $user_source['Size'] = $request->input('tshirt_size');
} elseif ($enable_tshirt_size) {
$valid = false;
}
- if (isset($_REQUEST['planned_arrival_date'])) {
- $tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_arrival_date'] . ' 00:00');
+ if ($request->has('planned_arrival_date')) {
+ $tmp = parse_date('Y-m-d H:i', $request->input('planned_arrival_date') . ' 00:00');
$result = User_validate_planned_arrival_date($tmp);
$user_source['planned_arrival_date'] = $result->getValue();
if (!$result->isValid()) {
@@ -62,8 +63,8 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
}
}
- if (isset($_REQUEST['planned_departure_date'])) {
- $tmp = parse_date('Y-m-d H:i', $_REQUEST['planned_departure_date'] . ' 00:00');
+ if ($request->has('planned_departure_date')) {
+ $tmp = parse_date('Y-m-d H:i', $request->input('planned_departure_date') . ' 00:00');
$result = User_validate_planned_departure_date($user_source['planned_arrival_date'], $tmp);
$user_source['planned_departure_date'] = $result->getValue();
if (!$result->isValid()) {
@@ -97,16 +98,17 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes)
*/
function user_settings_password($user_source)
{
+ $request = request();
if (
- !isset($_REQUEST['password'])
- || !verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID'])
+ !$request->has('password')
+ || !verify_password($request->post('password'), $user_source['Passwort'], $user_source['UID'])
) {
error(_('-> not OK. Please try again.'));
- } elseif (strlen($_REQUEST['new_password']) < config('min_password_length')) {
+ } elseif (strlen($request->post('new_password')) < config('min_password_length')) {
error(_('Your password is to short (please use at least 6 characters).'));
- } elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) {
+ } elseif ($request->post('new_password') != $request->post('new_password2')) {
error(_('Your passwords don\'t match.'));
- } elseif (set_password($user_source['UID'], $_REQUEST['new_password'])) {
+ } elseif (set_password($user_source['UID'], $request->post('new_password'))) {
success(_('Password saved.'));
} else {
error(_('Failed setting password.'));
@@ -124,9 +126,10 @@ function user_settings_password($user_source)
function user_settings_theme($user_source, $themes)
{
$valid = true;
+ $request = request();
- if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) {
- $user_source['color'] = $_REQUEST['theme'];
+ if ($request->has('theme') && isset($themes[$request->input('theme')])) {
+ $user_source['color'] = $request->input('theme');
} else {
$valid = false;
}
@@ -160,9 +163,10 @@ function user_settings_theme($user_source, $themes)
function user_settings_locale($user_source, $locales)
{
$valid = true;
+ $request = request();
- if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) {
- $user_source['Sprache'] = $_REQUEST['language'];
+ if ($request->has('language') && isset($locales[$request->input('language')])) {
+ $user_source['Sprache'] = $request->input('language');
} else {
$valid = false;
}
@@ -195,6 +199,7 @@ function user_settings_locale($user_source, $locales)
function user_settings()
{
global $themes, $user;
+ $request = request();
$enable_tshirt_size = config('enable_tshirt_size');
$tshirt_sizes = config('tshirt_sizes');
@@ -220,13 +225,13 @@ function user_settings()
$user_source = $user;
- if (isset($_REQUEST['submit'])) {
+ if ($request->has('submit')) {
$user_source = user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes);
- } elseif (isset($_REQUEST['submit_password'])) {
+ } elseif ($request->has('submit_password')) {
user_settings_password($user_source);
- } elseif (isset($_REQUEST['submit_theme'])) {
+ } elseif ($request->has('submit_theme')) {
$user_source = user_settings_theme($user_source, $themes);
- } elseif (isset($_REQUEST['submit_language'])) {
+ } elseif ($request->has('submit_language')) {
$user_source = user_settings_locale($user_source, $locales);
}
diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index 55e49e4f..4dabdfb5 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
@@ -23,20 +23,21 @@ function shifts_title()
function user_shifts()
{
global $user;
+ $request = request();
if (User_is_freeloader($user)) {
redirect(page_link_to('user_myshifts'));
}
// Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins
- if (isset($_REQUEST['entry_id'])) {
+ if ($request->has('entry_id')) {
shift_entry_delete_controller();
return '';
- } elseif (isset($_REQUEST['edit_shift'])) {
+ } elseif ($request->has('edit_shift')) {
return shift_edit_controller();
- } elseif (isset($_REQUEST['delete_shift'])) {
+ } elseif ($request->has('delete_shift')) {
return shift_delete_controller();
- } elseif (isset($_REQUEST['shift_id'])) {
+ } elseif ($request->has('shift_id')) {
return shift_entry_add_controller();
}
return view_user_shifts();