AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 10:54:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor POST handling.

Browse Source 
- Split into admin and user handlers, each admin page gets its own file now
- Enforce role access once for admin POST requests
- Automatically load POST logic for admin-based requests based on the referring page, otherwise automatically load all user request logic
- Add support for using custom POST handlers
This commit is contained in:
Marcus Hill
2024-09-29 19:02:28 +01:00
parent 635b1f903a
commit 6363d265ca
127 changed files with 1888 additions and 1901 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
functions.php
View File

@@ -215,7 +215,7 @@ function formatPhoneNumber($phoneNumber)
return $phoneNumber;
}
$phoneNumber = $phoneNumber ? preg_replace('/[^0-9]/', '', $phoneNumber) : "";
if (strlen($phoneNumber) > 10) {
@@ -733,12 +733,14 @@ function sanitizeInput($input)
{
global $mysqli;
// Detect encoding
$encoding = mb_detect_encoding($input, ['UTF-8', 'ISO-8859-1', 'Windows-1252', 'ISO-8859-15'], true);
if (!empty($input)) {
// Detect encoding
$encoding = mb_detect_encoding($input, ['UTF-8', 'ISO-8859-1', 'Windows-1252', 'ISO-8859-15'], true);
// If not UTF-8, convert to UTF8 (primarily Windows-1252 is problematic)
if ($encoding !== 'UTF-8') {
$input = mb_convert_encoding($input, 'UTF-8', $encoding);
// If not UTF-8, convert to UTF8 (primarily Windows-1252 is problematic)
if ($encoding !== 'UTF-8') {
$input = mb_convert_encoding($input, 'UTF-8', $encoding);
}
}
// Remove HTML and PHP tags
@@ -1115,7 +1117,7 @@ function fetchUpdates() {
$updates->latest_version = $latest_version;
$updates->update_message = $update_message;
return $updates;
}
@@ -1301,3 +1303,11 @@ function enforceUserPermission($module, $check_access_level = 1) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: $map[$check_access_level] access to $module is not permitted for your role.");
}
}
function enforceAdminPermission() {
global $session_is_admin;
if (!isset($session_is_admin) || !$session_is_admin) {
exit(WORDING_ROLECHECK_FAILED . "<br>Tell your admin: Your role does not have admin access.");
}
return true;
}