Revision 6156a9b6

Added by Jocelyn Delande about 9 years ago

some request input checking/sanitization


panoInfo.php
1 1
<?php
2
require_once 'class/site_point.class.php';
2
require_once('class/site_point.class.php');
3
require_once('class/FormValidator.class.php');
3 4

  
5
$fields_spec = array('name' => array('required', 'basename'));
6

  
7
$validator = new FormValidator($fields_spec);
8

  
9
$is_valid = $validator->validate($_GET);
4 10

  
5
$pano = site_point::get($_GET['name']);
6 11

  
7
if ($pano->has_params()) {
8
  $params = $pano->get_params();
9
  $title = $params['titre'];
10
  $lat = $params['latitude'];
11
  $lon = $params['longitude'];
12
} else {
13
  $title = $__GET['name'];
14
}
15 12

  
13
if ($is_valid) {
14
  $input = $validator->sane_values();
15
  $pano = site_point::get($input['name']);
16
  
17
  if ($pano->has_params()) {
18
    $params = $pano->get_params();
19
    $title = $params['titre'];
20
    $lat = $params['latitude'];
21
    $lon = $params['longitude'];
22
  } else {
23
    $title = $input['name'];
24
  }
16 25

  
17
$has_tiles = $pano->has_tiles();//TODO
18
$has_params = $pano->has_params();
19
$src_path = $pano->src_path();
26

  
27
  $has_tiles = $pano->has_tiles();//TODO
28
  $has_params = $pano->has_params();
29
  $src_path = $pano->src_path();
30
} else {
31
  $validation_errors = $validator->errors();
32
}
20 33
 ?>
21 34

  
22 35
<!DOCTYPE html>
......
31 44
      <h1><img src="images/tetaneutral.svg" alt="tetaneutral.net"/></h1>
32 45
    </header>
33 46
    <section id="main">
47
<?php if ($is_valid) { ?>
34 48
      <h2><?php echo $title ?></h2>
35 49
      <ul id="pano-list">
36 50
        <li>
......
58 72
          <?php } ?>
59 73
        </li>
60 74
      </ul>
75
<?php } else { 
76
  $validator->print_errors(); 
77
}?>
61 78
    </section>
62 79
    <footer class="validators"><samp>
63 80
      page validée par
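Review bot: `$title` reaches `<h2><?php echo $title ?></h2>` (new line 48) without HTML encoding, and in the branch where the panorama has no parameters it is `$input['name']`, a value taken from the request. Whether the `basename` rule in `FormValidator` rejects `<`, `>` or quotes is not visible on this page, so the template should not depend on it: encode at output with `<h2><?php echo htmlspecialchars($title, ENT_QUOTES, 'UTF-8') ?></h2>`, adjusting the charset to the one the page declares. The same check is worth making on `$validator->print_errors()`, if it prints the rejected value back, and on `$params['titre']` if that field is user-editable. The section is shown with elided lines, so other echoes of these variables between new lines 50 and 72 could not be reviewed.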
