From 3a1e4602492cec1c8f3d2aabab2c866022f43bf1 Mon Sep 17 00:00:00 2001 From: Igor Scheller Date: Tue, 18 Jul 2017 21:38:53 +0200 Subject: Changed $_GET, $_POST and $_REQUEST to use the Request object --- includes/controller/angeltypes_controller.php | 22 ++++--- includes/controller/event_config_controller.php | 7 ++- includes/controller/rooms_controller.php | 15 +++-- includes/controller/shift_entries_controller.php | 30 ++++----- includes/controller/shifts_controller.php | 54 +++++++++------- includes/controller/shifttypes_controller.php | 35 ++++++----- includes/controller/user_angeltypes_controller.php | 49 ++++++++------- .../controller/user_driver_licenses_controller.php | 24 ++++---- includes/controller/users_controller.php | 72 +++++++++++++--------- 9 files changed, 176 insertions(+), 132 deletions(-) (limited to 'includes/controller') diff --git a/includes/controller/angeltypes_controller.php b/includes/controller/angeltypes_controller.php index daa754eb..346a4d73 100644 --- a/includes/controller/angeltypes_controller.php +++ b/includes/controller/angeltypes_controller.php @@ -81,7 +81,7 @@ function angeltype_delete_controller() $angeltype = load_angeltype(); - if (isset($_REQUEST['confirmed'])) { + if (request()->has('confirmed')) { AngelType_delete($angeltype); success(sprintf(_('Angeltype %s deleted.'), AngelType_name_render($angeltype))); redirect(page_link_to('angeltypes')); @@ -104,8 +104,9 @@ function angeltype_edit_controller() // In supporter mode only allow to modify description $supporter_mode = !in_array('admin_angel_types', $privileges); + $request = request(); - if (isset($_REQUEST['angeltype_id'])) { + if ($request->has('angeltype_id')) { // Edit existing angeltype $angeltype = load_angeltype(); 
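Review bot: In `angeltype_delete_controller` the delete still runs as soon as any `confirmed` parameter is present, and `request()->has('confirmed')` presumably matches query-string values as well as form fields, so nothing shows that the request came from the confirmation form before `AngelType_delete($angeltype)` is called. This patch already uses a body-only accessor (`$request->post('password')` in the password-recovery hunk); the confirmation could be read the same way and paired with a per-session token check, with a comment such as `// destructive: require a POSTed confirmation plus CSRF token`. The same `has('confirmed')` / `has('delete')` gate appears in `shift_delete_controller`, `shifttype_delete_controller` and the `user_angeltype*` controllers later in this patch. The function body continues outside the hunk, so a check elsewhere cannot be ruled out from here.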
@@ -121,12 +122,12 @@ function angeltype_edit_controller() $angeltype = AngelType_new(); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; if (!$supporter_mode) { - if (isset($_REQUEST['name'])) { - $result = AngelType_validate_name($_REQUEST['name'], $angeltype); + if ($request->has('name')) { + $result = AngelType_validate_name($request->get('name'), $angeltype); $angeltype['name'] = $result->getValue(); if (!$result->isValid()) { $valid = false; @@ -134,10 +135,10 @@ function angeltype_edit_controller() } } - $angeltype['restricted'] = isset($_REQUEST['restricted']); - $angeltype['no_self_signup'] = isset($_REQUEST['no_self_signup']); + $angeltype['restricted'] = $request->has('restricted'); + $angeltype['no_self_signup'] = $request->has('no_self_signup'); - $angeltype['requires_driver_license'] = isset($_REQUEST['requires_driver_license']); + $angeltype['requires_driver_license'] = $request->has('requires_driver_license'); } $angeltype['description'] = strip_request_item_nl('description', $angeltype['description']); @@ -262,11 +263,12 @@ function angeltypes_list_controller() */ function load_angeltype() { - if (!isset($_REQUEST['angeltype_id'])) { + $request = request(); + if (!$request->has('angeltype_id')) { redirect(page_link_to('angeltypes')); } - $angeltype = AngelType($_REQUEST['angeltype_id']); + $angeltype = AngelType($request->input('angeltype_id')); if ($angeltype == null) { error(_('Angeltype doesn\'t exist . ')); redirect(page_link_to('angeltypes')); diff --git a/includes/controller/event_config_controller.php b/includes/controller/event_config_controller.php index 06245c47..dcdcf54a 100644 --- a/includes/controller/event_config_controller.php +++ b/includes/controller/event_config_controller.php @@ -19,6 +19,7 @@ function event_config_edit_controller() redirect('?'); } + $request = request(); $event_name = null; $event_welcome_msg = null; $buildup_start_date = null; 
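Review bot: `AngelType_validate_name($request->get('name'), $angeltype)` reads the value with `get()` while every other read in this file uses `input()` (for example `$request->input('angeltype_id')` in `load_angeltype`); `user_delete_controller` has the same mix with `$request->get('user_id')`. The Request class is not visible here, but if the two accessors consult different parameter sources, `has('name')` and `get('name')` may disagree about what was submitted. I would use one accessor throughout: `$result = AngelType_validate_name($request->input('name'), $angeltype);`.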
@@ -36,17 +37,17 @@ function event_config_edit_controller() $event_welcome_msg = $event_config['event_welcome_msg']; } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; - if (isset($_REQUEST['event_name'])) { + if ($request->has('event_name')) { $event_name = strip_request_item('event_name'); } if ($event_name == '') { $event_name = null; } - if (isset($_REQUEST['event_welcome_msg'])) { + if ($request->has('event_welcome_msg')) { $event_welcome_msg = strip_request_item_nl('event_welcome_msg'); } if ($event_welcome_msg == '') { diff --git a/includes/controller/rooms_controller.php b/includes/controller/rooms_controller.php index 3082a28d..2d6f1a77 100644 --- a/includes/controller/rooms_controller.php +++ b/includes/controller/rooms_controller.php @@ -19,6 +19,7 @@ function room_controller() redirect(page_link_to()); } + $request = request(); $room = load_room(false); if ($room['show'] != 'Y' && !in_array('admin_rooms', $privileges)) { redirect(page_link_to()); @@ -42,8 +43,8 @@ function room_controller() if (!empty($days)) { $selected_day = $days[0]; } - if (isset($_REQUEST['shifts_filter_day'])) { - $selected_day = $_REQUEST['shifts_filter_day']; + if ($request->has('shifts_filter_day')) { + $selected_day = $request->input('shifts_filter_day'); } $shiftsFilter->setStartTime(parse_date('Y-m-d H:i', $selected_day . ' 00:00')); $shiftsFilter->setEndTime(parse_date('Y-m-d H:i', $selected_day . ' 23:59')); @@ -66,11 +67,13 @@ function room_controller() */ function rooms_controller() { - if (!isset($_REQUEST['action'])) { - $_REQUEST['action'] = 'list'; + $request = request(); + $action = $request->input('action'); + if (!$request->has('action')) { + $action = 'list'; } - switch ($_REQUEST['action']) { + switch ($action) { case 'view': return room_controller(); case 'list': 
@@ -112,7 +115,7 @@ function load_room($onlyVisible = true) redirect(page_link_to()); } - $room = Room($_REQUEST['room_id'], $onlyVisible); + $room = Room(request()->input('room_id'), $onlyVisible); if ($room == null) { redirect(page_link_to()); } diff --git a/includes/controller/shift_entries_controller.php b/includes/controller/shift_entries_controller.php index cb2d9bee..38aad5bb 100644 --- a/includes/controller/shift_entries_controller.php +++ b/includes/controller/shift_entries_controller.php @@ -11,9 +11,10 @@ function shift_entry_add_controller() { global $privileges, $user; + $request = request(); $shift_id = 0; - if (isset($_REQUEST['shift_id']) && preg_match('/^\d*$/', $_REQUEST['shift_id'])) { - $shift_id = $_REQUEST['shift_id']; + if ($request->has('shift_id') && preg_match('/^\d*$/', $request->input('shift_id'))) { + $shift_id = $request->input('shift_id'); } else { redirect(page_link_to('user_shifts')); } @@ -32,8 +33,8 @@ function shift_entry_add_controller() } $type_id = 0; - if (isset($_REQUEST['type_id']) && preg_match('/^\d*$/', $_REQUEST['type_id'])) { - $type_id = $_REQUEST['type_id']; + if ($request->has('type_id') && preg_match('/^\d*$/', $request->input('type_id'))) { + $type_id = $request->input('type_id'); } else { redirect(page_link_to('user_shifts')); } @@ -63,14 +64,14 @@ function shift_entry_add_controller() } if ( - isset($_REQUEST['user_id']) - && preg_match('/^\d*$/', $_REQUEST['user_id']) + $request->has('user_id') + && preg_match('/^\d*$/', $request->input('user_id')) && ( in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges) ) ) { - $user_id = $_REQUEST['user_id']; + $user_id = $request->input('user_id'); } else { $user_id = $user['UID']; } 
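Review bot: The id checks in `shift_entry_add_controller` keep the pattern `/^\d*$/`, which accepts an empty string and a value ending in a newline, so `shift_id`, `type_id` and `user_id` can pass validation without being a plain number. `preg_match` also expects a string, and a parameter submitted in array form is presumably handed back by `input()` as an array. Reading the value once and checking what was read is tighter: `$shift_id = $request->input('shift_id');` followed by `if (!is_string($shift_id) || !preg_match('/^\d+\z/', $shift_id)) { redirect(page_link_to('user_shifts')); }`. `shift_delete_controller` uses the same pattern for `delete_shift`; the function continues outside these hunks.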
@@ -92,7 +93,7 @@ function shift_entry_add_controller() redirect(shift_link($shift)); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $selected_type_id = $type_id; if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges) @@ -103,14 +104,14 @@ function shift_entry_add_controller() } if ( - isset($_REQUEST['angeltype_id']) + $request->has('angeltype_id') && test_request_int('angeltype_id') && count(DB::select( 'SELECT `id` FROM `AngelTypes` WHERE `id`=? LIMIT 1', - [$_REQUEST['angeltype_id']] + [$request->input('angeltype_id')] )) > 0 ) { - $selected_type_id = $_REQUEST['angeltype_id']; + $selected_type_id = $request->input('angeltype_id'); } } @@ -124,7 +125,7 @@ function shift_entry_add_controller() $freeloaded = isset($shift['freeloaded']) ? $shift['freeloaded'] : false; $freeload_comment = isset($shift['freeload_comment']) ? $shift['freeload_comment'] : ''; if (in_array('user_shifts_admin', $privileges)) { - $freeloaded = isset($_REQUEST['freeloaded']); + $freeloaded = $request->has('freeloaded'); $freeload_comment = strip_request_item_nl('freeload_comment'); } @@ -236,11 +237,12 @@ function shift_entry_add_controller() function shift_entry_delete_controller() { global $privileges, $user; + $request = request(); - if (!isset($_REQUEST['entry_id']) || !test_request_int('entry_id')) { + if (!$request->has('entry_id') || !test_request_int('entry_id')) { redirect(page_link_to('user_shifts')); } - $entry_id = $_REQUEST['entry_id']; + $entry_id = $request->input('entry_id'); $shift_entry_source = DB::select(' SELECT diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index c8b6932a..21c6e160 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php 
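Review bot: In `shift_entry_delete_controller` the value is validated by `test_request_int('entry_id')` but then read with `$request->input('entry_id')`; the helper is not part of this patch, so it presumably still inspects `$_REQUEST`, and the check and the use can end up looking at different sources. Validating the value that is actually used avoids that: `$entry_id = $request->input('entry_id');` then `if (!is_string($entry_id) || !ctype_digit($entry_id)) { redirect(page_link_to('user_shifts')); }` (adjust if the helper accepts more than unsigned digits). The same split occurs for `angeltype_id` earlier in this file, for `edit_shift` and the `type_…` fields in shifts_controller.php, and for `vouchers` in users_controller.php. If the helper was migrated in a commit outside this view, a one-line comment saying so would be enough.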
@@ -44,15 +44,16 @@ function shift_edit_controller() // Schicht bearbeiten $msg = ''; $valid = true; + $request = request(); if (!in_array('admin_shifts', $privileges)) { redirect(page_link_to('user_shifts')); } - if (!isset($_REQUEST['edit_shift']) || !test_request_int('edit_shift')) { + if (!$request->has('edit_shift') || !test_request_int('edit_shift')) { redirect(page_link_to('user_shifts')); } - $shift_id = $_REQUEST['edit_shift']; + $shift_id = $request->input('edit_shift'); $shift = Shift($shift_id); 
@@ -73,33 +74,37 @@ function shift_edit_controller() $start = $shift['start']; $end = $shift['end']; - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { // Name/Bezeichnung der Schicht, darf leer sein $title = strip_request_item('title'); // Auswahl der sichtbaren Locations für die Schichten - if (isset($_REQUEST['rid']) && preg_match('/^\d+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) { - $rid = $_REQUEST['rid']; + if ( + $request->has('rid') + && preg_match('/^\d+$/', $request->input('rid')) + && isset($room[$request->input('rid')]) + ) { + $rid = $request->input('rid'); } else { $valid = false; $msg .= error(_('Please select a room.'), true); } - if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { - $shifttype_id = $_REQUEST['shifttype_id']; + if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) { + $shifttype_id = $request->input('shifttype_id'); } else { $valid = false; $msg .= error(_('Please select a shifttype.'), true); } - if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) { + if ($request->has('start') && $tmp = parse_date('Y-m-d H:i', $request->input('start'))) { $start = $tmp; } else { $valid = false; $msg .= error(_('Please enter a valid starting time for the shifts.'), true); } - if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) { + if ($request->has('end') && $tmp = parse_date('Y-m-d H:i', $request->input('end'))) { $end = $tmp; } else { $valid = false; 
@@ -112,8 +117,8 @@ function shift_edit_controller() } foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) { - if (isset($_REQUEST['type_' . $needed_angeltype_id]) && test_request_int('type_' . $needed_angeltype_id)) { - $needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . $needed_angeltype_id]); + if ($request->has('type_' . $needed_angeltype_id) && test_request_int('type_' . $needed_angeltype_id)) { + $needed_angel_types[$needed_angeltype_id] = trim($request->input('type_' . $needed_angeltype_id)); } else { $valid = false; $msg .= error(sprintf( @@ -186,16 +191,17 @@ function shift_edit_controller() function shift_delete_controller() { global $privileges; + $request = request(); if (!in_array('user_shifts_admin', $privileges)) { redirect(page_link_to('user_shifts')); } // Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg) - if (!isset($_REQUEST['delete_shift']) || !preg_match('/^\d*$/', $_REQUEST['delete_shift'])) { + if (!$request->has('delete_shift') || !preg_match('/^\d*$/', $request->input('delete_shift'))) { redirect(page_link_to('user_shifts')); } - $shift_id = $_REQUEST['delete_shift']; + $shift_id = $request->input('delete_shift'); $shift = Shift($shift_id); if ($shift == null) { @@ -203,7 +209,7 @@ function shift_delete_controller() } // Schicht löschen bestätigt - if (isset($_REQUEST['delete'])) { + if ($request->has('delete')) { Shift_delete($shift_id); engelsystem_log( @@ -232,16 +238,17 @@ function shift_delete_controller() function shift_controller() { global $user, $privileges; + $request = request(); if (!in_array('user_shifts', $privileges)) { redirect(page_link_to('?')); } - if (!isset($_REQUEST['shift_id'])) { + if (!$request->has('shift_id')) { redirect(page_link_to('user_shifts')); } - $shift = Shift($_REQUEST['shift_id']); + $shift = Shift($request->input('shift_id')); if ($shift == null) { error(_('Shift could not be found.')); redirect(page_link_to('user_shifts')); 
@@ -285,11 +292,12 @@ function shift_controller() */ function shifts_controller() { - if (!isset($_REQUEST['action'])) { + $request = request(); + if (!$request->has('action')) { redirect(page_link_to('user_shifts')); } - switch ($_REQUEST['action']) { + switch ($request->input('action')) { case 'view': return shift_controller(); case 'next': @@ -330,16 +338,17 @@ function shift_next_controller() function shifts_json_export_all_controller() { $api_key = config('api_key'); + $request = request(); if (empty($api_key)) { engelsystem_error('Config contains empty apikey.'); } - if (!isset($_REQUEST['api_key'])) { + if (!$request->has('api_key')) { engelsystem_error('Missing parameter api_key.'); } - if ($_REQUEST['api_key'] != $api_key) { + if ($request->input('api_key') != $api_key) { engelsystem_error('Invalid api_key.'); } @@ -359,12 +368,13 @@ function shifts_json_export_all_controller() function shifts_json_export_controller() { global $user; + $request = request(); - if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) { + if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) { engelsystem_error('Missing key.'); } - $key = $_REQUEST['key']; + $key = $request->input('key'); $user = User_by_api_key($key); if ($user == null) { diff --git a/includes/controller/shifttypes_controller.php b/includes/controller/shifttypes_controller.php index 9a470e29..acdeb982 100644 --- a/includes/controller/shifttypes_controller.php +++ b/includes/controller/shifttypes_controller.php 
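Review bot: `shifts_json_export_all_controller` still checks the secret with `$request->input('api_key') != $api_key`, a loose comparison that is not constant-time: numeric-looking strings can compare equal under `!=`, and the time taken may depend on how much of the value matches. I would change it to `$given = $request->input('api_key');` and `if (!is_string($given) || !hash_equals((string) $api_key, $given)) { engelsystem_error('Invalid api_key.'); }`; the `is_string` guard is needed because `hash_equals` only accepts strings. Since `input()` presumably also reads the query string, the key can end up in access logs, which deserves at least a comment on the function. `User_by_api_key($key)` in the next hunk is a lookup rather than a comparison, so this applies only here.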
@@ -16,17 +16,18 @@ function shifttype_link($shifttype) */ function shifttype_delete_controller() { - if (!isset($_REQUEST['shifttype_id'])) { + $request = request(); + if (!$request->has('shifttype_id')) { redirect(page_link_to('shifttypes')); } - $shifttype = ShiftType($_REQUEST['shifttype_id']); + $shifttype = ShiftType($request->input('shifttype_id')); if ($shifttype == null) { redirect(page_link_to('shifttypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { $result = ShiftType_delete($shifttype['id']); if (empty($result)) { engelsystem_error('Unable to delete shifttype.'); @@ -56,9 +57,10 @@ function shifttype_edit_controller() $description = ''; $angeltypes = AngelTypes(); + $request = request(); - if (isset($_REQUEST['shifttype_id'])) { - $shifttype = ShiftType($_REQUEST['shifttype_id']); + if ($request->has('shifttype_id')) { + $shifttype = ShiftType($request->input('shifttype_id')); if ($shifttype == null) { error(_('Shifttype not found.')); redirect(page_link_to('shifttypes')); @@ -69,23 +71,23 @@ function shifttype_edit_controller() $description = $shifttype['description']; } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; - if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') { + if ($request->has('name') && $request->input('name') != '') { $name = strip_request_item('name'); } else { $valid = false; error(_('Please enter a name.')); } - if (isset($_REQUEST['angeltype_id']) && preg_match('/^\d+$/', $_REQUEST['angeltype_id'])) { - $angeltype_id = $_REQUEST['angeltype_id']; + if ($request->has('angeltype_id') && preg_match('/^\d+$/', $request->input('angeltype_id'))) { + $angeltype_id = $request->input('angeltype_id'); } else { $angeltype_id = null; } - if (isset($_REQUEST['description'])) { + if ($request->has('description')) { $description = strip_request_item_nl('description'); } 
@@ -120,10 +122,11 @@ function shifttype_edit_controller() */ function shifttype_controller() { - if (!isset($_REQUEST['shifttype_id'])) { + $request = request(); + if (!$request->has('shifttype_id')) { redirect(page_link_to('shifttypes')); } - $shifttype = ShiftType($_REQUEST['shifttype_id']); + $shifttype = ShiftType($request->input('shifttype_id')); if ($shifttype == null) { redirect(page_link_to('shifttypes')); } @@ -174,11 +177,13 @@ function shifttypes_title() */ function shifttypes_controller() { - if (!isset($_REQUEST['action'])) { - $_REQUEST['action'] = 'list'; + $request = request(); + $action = 'list'; + if ($request->has('action')) { + $action = $request->input('action'); } - switch ($_REQUEST['action']) { + switch ($action) { case 'view': return shifttype_controller(); case 'edit': diff --git a/includes/controller/user_angeltypes_controller.php b/includes/controller/user_angeltypes_controller.php index f31aeecd..41185552 100644 --- a/includes/controller/user_angeltypes_controller.php +++ b/includes/controller/user_angeltypes_controller.php @@ -38,13 +38,14 @@ function user_angeltypes_unconfirmed_hint() function user_angeltypes_delete_all_controller() { global $user; + $request = request(); - if (!isset($_REQUEST['angeltype_id'])) { + if (!$request->has('angeltype_id')) { error(_('Angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - $angeltype = AngelType($_REQUEST['angeltype_id']); + $angeltype = AngelType($request->input('angeltype_id')); if ($angeltype == null) { error(_('Angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); @@ -55,7 +56,7 @@ function user_angeltypes_delete_all_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { UserAngelTypes_delete_all($angeltype['id']); engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype))); 
@@ -77,13 +78,14 @@ function user_angeltypes_delete_all_controller() function user_angeltypes_confirm_all_controller() { global $user, $privileges; + $request = request(); - if (!isset($_REQUEST['angeltype_id'])) { + if (!$request->has('angeltype_id')) { error(_('Angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - $angeltype = AngelType($_REQUEST['angeltype_id']); + $angeltype = AngelType($request->input('angeltype_id')); if ($angeltype == null) { error(_('Angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); @@ -100,7 +102,7 @@ function user_angeltypes_confirm_all_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { UserAngelTypes_confirm_all($angeltype['id'], $user); engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype))); @@ -122,13 +124,14 @@ function user_angeltypes_confirm_all_controller() function user_angeltype_confirm_controller() { global $user; + $request = request(); - if (!isset($_REQUEST['user_angeltype_id'])) { + if (!$request->has('user_angeltype_id')) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']); + $user_angeltype = UserAngelType($request->input('user_angeltype_id')); if ($user_angeltype == null) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); @@ -151,7 +154,7 @@ function user_angeltype_confirm_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { UserAngelType_confirm($user_angeltype['id'], $user); engelsystem_log(sprintf( 
@@ -181,13 +184,14 @@ function user_angeltype_confirm_controller() function user_angeltype_delete_controller() { global $user; + $request = request(); - if (!isset($_REQUEST['user_angeltype_id'])) { + if (!$request->has('user_angeltype_id')) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']); + $user_angeltype = UserAngelType($request->input('user_angeltype_id')); if ($user_angeltype == null) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); @@ -210,7 +214,7 @@ function user_angeltype_delete_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { $result = UserAngelType_delete($user_angeltype); if ($result === false) { engelsystem_error('Unable to delete user angeltype.'); @@ -238,25 +242,26 @@ function user_angeltype_update_controller() { global $privileges; $supporter = false; + $request = request(); if (!in_array('admin_angel_types', $privileges)) { error(_('You are not allowed to set supporter rights.')); redirect(page_link_to('angeltypes')); } - if (!isset($_REQUEST['user_angeltype_id'])) { + if (!$request->has('user_angeltype_id')) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['supporter']) && preg_match('/^[01]$/', $_REQUEST['supporter'])) { - $supporter = $_REQUEST['supporter'] == '1'; + if ($request->has('supporter') && preg_match('/^[01]$/', $request->input('supporter'))) { + $supporter = $request->input('supporter') == '1'; } else { error(_('No supporter update given.')); redirect(page_link_to('angeltypes')); } - $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']); + $user_angeltype = UserAngelType($request->input('user_angeltype_id')); if ($user_angeltype == null) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); 
@@ -274,7 +279,7 @@ function user_angeltype_update_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { UserAngelType_update($user_angeltype['id'], $supporter); $success_message = sprintf( @@ -300,7 +305,6 @@ function user_angeltype_update_controller() function user_angeltype_add_controller() { global $user; - $angeltype = load_angeltype(); // User is joining by itself @@ -316,7 +320,7 @@ function user_angeltype_add_controller() // Load possible users, that are not in the angeltype already $users_source = Users_by_angeltype_inverted($angeltype); - if (isset($_REQUEST['submit'])) { + if (request()->has('submit')) { $user_source = load_user(); if (!UserAngelType_exists($user_source, $angeltype)) { @@ -366,7 +370,7 @@ function user_angeltype_join_controller($angeltype) redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if (request()->has('confirmed')) { $user_angeltype_id = UserAngelType_create($user, $angeltype); $success_message = sprintf(_('You joined %s.'), $angeltype['name']); @@ -398,11 +402,12 @@ function user_angeltype_join_controller($angeltype) */ function user_angeltypes_controller() { - if (!isset($_REQUEST['action'])) { + $request = request(); + if (!$request->has('action')) { redirect(page_link_to('angeltypes')); } - switch ($_REQUEST['action']) { + switch ($request->input('action')) { case 'delete_all': return user_angeltypes_delete_all_controller(); case 'confirm_all': diff --git a/includes/controller/user_driver_licenses_controller.php b/includes/controller/user_driver_licenses_controller.php index 3098c8ce..fef278dd 100644 --- a/includes/controller/user_driver_licenses_controller.php +++ b/includes/controller/user_driver_licenses_controller.php 
@@ -74,11 +74,11 @@ function user_driver_license_edit_link($user = null) function user_driver_license_load_user() { global $user; - + $request = request(); $user_source = $user; - if (isset($_REQUEST['user_id'])) { - $user_source = User($_REQUEST['user_id']); + if ($request->has('user_id')) { + $user_source = User($request->input('user_id')); if ($user_source == null) { redirect(user_driver_license_edit_link()); } @@ -95,7 +95,7 @@ function user_driver_license_load_user() function user_driver_license_edit_controller() { global $privileges, $user; - + $request = request(); $user_source = user_driver_license_load_user(); // only privilege admin_user can edit other users driver license information 
@@ -111,15 +111,15 @@ function user_driver_license_edit_controller() $wants_to_drive = true; } - if (isset($_REQUEST['submit'])) { - $wants_to_drive = isset($_REQUEST['wants_to_drive']); + if ($request->has('submit')) { + $wants_to_drive = $request->has('wants_to_drive'); if ($wants_to_drive) { - $user_driver_license['has_car'] = isset($_REQUEST['has_car']); - $user_driver_license['has_license_car'] = isset($_REQUEST['has_license_car']); - $user_driver_license['has_license_3_5t_transporter'] = isset($_REQUEST['has_license_3_5t_transporter']); - $user_driver_license['has_license_7_5t_truck'] = isset($_REQUEST['has_license_7_5t_truck']); - $user_driver_license['has_license_12_5t_truck'] = isset($_REQUEST['has_license_12_5t_truck']); - $user_driver_license['has_license_forklift'] = isset($_REQUEST['has_license_forklift']); + $user_driver_license['has_car'] = $request->has('has_car'); + $user_driver_license['has_license_car'] = $request->has('has_license_car'); + $user_driver_license['has_license_3_5t_transporter'] = $request->has('has_license_3_5t_transporter'); + $user_driver_license['has_license_7_5t_truck'] = $request->has('has_license_7_5t_truck'); + $user_driver_license['has_license_12_5t_truck'] = $request->has('has_license_12_5t_truck'); + $user_driver_license['has_license_forklift'] = $request->has('has_license_forklift'); if (UserDriverLicense_valid($user_driver_license)) { if ($user_driver_license['user_id'] == null) { diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php index 84b6bbda..96e2c81b 100644 --- a/includes/controller/users_controller.php +++ b/includes/controller/users_controller.php 
@@ -12,16 +12,18 @@ use Engelsystem\ShiftsFilter; function users_controller() { global $user; + $request = request(); if (!isset($user)) { redirect(page_link_to('')); } - if (!isset($_REQUEST['action'])) { - $_REQUEST['action'] = 'list'; + $action = 'list'; + if ($request->has('action')) { + $action = $request->input('action'); } - switch ($_REQUEST['action']) { + switch ($action) { case 'view': return user_controller(); case 'delete': @@ -42,9 +44,10 @@ function users_controller() function user_delete_controller() { global $privileges, $user; + $request = request(); - if (isset($_REQUEST['user_id'])) { - $user_source = User($_REQUEST['user_id']); + if ($request->has('user_id')) { + $user_source = User($request->get('user_id')); } else { $user_source = $user; } @@ -59,11 +62,14 @@ function user_delete_controller() redirect(user_link($user)); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; - if (!(isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'], - $user['UID'])) + if ( + !( + $request->has('password') + && verify_password($request->input('password'), $user['Passwort'], $user['UID']) + ) ) { $valid = false; error(_('Your password is incorrect. Please try it again.')); @@ -130,9 +136,10 @@ function user_link($user) function user_edit_vouchers_controller() { global $privileges, $user; + $request = request(); - if (isset($_REQUEST['user_id'])) { - $user_source = User($_REQUEST['user_id']); + if ($request->has('user_id')) { + $user_source = User($request->input('user_id')); } else { $user_source = $user; } 
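Review bot: `user_delete_controller` reads the confirmation password with `$request->input('password')`, whereas `user_password_recovery_set_new_controller` in this same patch uses `$request->post('password')`; if `input()` also covers query parameters, a password sent in the URL is accepted and may be recorded in access logs and browser history. I would read it from the request body only: `&& verify_password($request->post('password'), $user['Passwort'], $user['UID'])`. The `has('password')` guard in front of it raises the same source question. The rest of the function lies outside the hunk.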
@@ -141,12 +148,16 @@ function user_edit_vouchers_controller() redirect(page_link_to('')); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; $vouchers = ''; - if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) { - $vouchers = trim($_REQUEST['vouchers']); + if ( + $request->has('vouchers') + && test_request_int('vouchers') + && trim($request->input('vouchers')) >= 0 + ) { + $vouchers = trim($request->input('vouchers')); } else { $valid = false; error(_('Please enter a valid number of vouchers.')); @@ -180,10 +191,11 @@ function user_edit_vouchers_controller() function user_controller() { global $privileges, $user; + $request = request(); $user_source = $user; - if (isset($_REQUEST['user_id'])) { - $user_source = User($_REQUEST['user_id']); + if ($request->has('user_id')) { + $user_source = User($request->input('user_id')); if ($user_source == null) { error(_('User not found.')); redirect('?'); @@ -241,14 +253,15 @@ function user_controller() function users_list_controller() { global $privileges; + $request = request(); if (!in_array('admin_user', $privileges)) { redirect(page_link_to('')); } $order_by = 'Nick'; - if (isset($_REQUEST['OrderBy']) && in_array($_REQUEST['OrderBy'], User_sortable_columns())) { - $order_by = $_REQUEST['OrderBy']; + if ($request->has('OrderBy') && in_array($request->input('OrderBy'), User_sortable_columns())) { + $order_by = $request->input('OrderBy'); } $users = Users($order_by); 
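Review bot: In `users_list_controller` the allow-list test `in_array($request->input('OrderBy'), User_sortable_columns())` is still non-strict, and `OrderBy` is the only request value passed on to `Users($order_by)`, which presumably places it in an ORDER BY clause. With loose comparison the result depends on PHP's type-juggling rules rather than on exact membership, so I would pass the third argument: `in_array($request->input('OrderBy'), User_sortable_columns(), true)`. That also rejects array-valued input cleanly. `Users()` is not visible in this patch, so how the column name is used there is an inference.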
@@ -282,20 +295,21 @@ function users_list_controller() */ function user_password_recovery_set_new_controller() { - $user_source = User_by_password_recovery_token($_REQUEST['token']); + $request = request(); + $user_source = User_by_password_recovery_token($request->input('token')); if ($user_source == null) { error(_('Token is not correct.')); redirect(page_link_to('login')); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; if ( - isset($_REQUEST['password']) - && strlen($_REQUEST['password']) >= config('min_password_length') + $request->has('password') + && strlen($request->post('password')) >= config('min_password_length') ) { - if ($_REQUEST['password'] != $_REQUEST['password2']) { + if ($request->post('password') != $request->post('password2')) { $valid = false; error(_('Your passwords don\'t match.')); } @@ -305,7 +319,7 @@ function user_password_recovery_set_new_controller() } if ($valid) { - set_password($user_source['UID'], $_REQUEST['password']); + set_password($user_source['UID'], $request->post('password')); success(_('Password saved.')); redirect(page_link_to('login')); } @@ -321,10 +335,11 @@ function user_password_recovery_set_new_controller() */ function user_password_recovery_start_controller() { - if (isset($_REQUEST['submit'])) { + $request = request(); + if ($request->has('submit')) { $valid = true; - if (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) { + if ($request->has('email') && strlen(strip_request_item('email')) > 0) { $email = strip_request_item('email'); if (check_email($email)) { $user_source = User_by_email($email); @@ -367,7 +382,7 @@ function user_password_recovery_start_controller() */ function user_password_recovery_controller() { - if (isset($_REQUEST['token'])) { + if (request()->has('token')) { return user_password_recovery_set_new_controller(); } 
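Review bot: In `user_password_recovery_set_new_controller` the two password fields are compared with `$request->post('password') != $request->post('password2')`, and loose comparison treats numeric-looking strings as numbers, so inputs such as `1e3` and `1000` count as matching and the account is set to a password the user may not have intended. Strict comparison fixes it: `if ($request->post('password') !== $request->post('password2')) {`. The guard above mixes `$request->has('password')` with `$request->post('password')`; if `has()` also sees query parameters the two can disagree, so I would test the posted value directly. `$request->input('token')` is read here without a `has()` check and relies on the caller `user_password_recovery_controller` having tested it, which is worth a one-line comment.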
@@ -391,11 +406,12 @@ function user_password_recovery_title() */ function load_user() { - if (!isset($_REQUEST['user_id'])) { + $request = request(); + if (!$request->has('user_id')) { redirect(page_link_to()); } - $user = User($_REQUEST['user_id']); + $user = User($request->input('user_id')); if ($user == null) { error(_('User doesn\'t exist.')); -- cgit v1.2.3-54-g00ecf