mirror of
https://github.com/itflow-org/itflow
synced 2026-02-28 19:04:52 +00:00
POST input deduplication/'models'
- Ongoing deduplication/conversion of post.php to use re-usable 'models' for input - Also converting file upload checks to use a function instead
This commit is contained in:
4
models/category.php
Normal file
4
models/category.php
Normal file
@@ -0,0 +1,4 @@
|
||||
<?php
|
||||
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['name'])));
|
||||
$type = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['type'])));
|
||||
$color = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['color'])));
|
||||
16
models/contact.php
Normal file
16
models/contact.php
Normal file
@@ -0,0 +1,16 @@
|
||||
<?php
|
||||
$client_id = intval($_POST['client_id']);
|
||||
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['name'])));
|
||||
$title = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['title'])));
|
||||
$department = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['department'])));
|
||||
$phone = preg_replace("/[^0-9]/", '',$_POST['phone']);
|
||||
$extension = preg_replace("/[^0-9]/", '',$_POST['extension']);
|
||||
$mobile = preg_replace("/[^0-9]/", '',$_POST['mobile']);
|
||||
$email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['email'])));
|
||||
$primary_contact = intval($_POST['primary_contact']);
|
||||
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
|
||||
$contact_important = intval($_POST['contact_important']);
|
||||
$contact_billing = intval($_POST['contact_billing']);
|
||||
$contact_technical = intval($_POST['contact_technical']);
|
||||
$location_id = intval($_POST['location']);
|
||||
$auth_method = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['auth_method'])));
|
||||
9
models/event.php
Normal file
9
models/event.php
Normal file
@@ -0,0 +1,9 @@
|
||||
<?php
|
||||
$calendar_id = intval($_POST['calendar']);
|
||||
$title = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['title'])));
|
||||
$description = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['description'])));
|
||||
$start = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['start'])));
|
||||
$end = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['end'])));
|
||||
$repeat = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['repeat'])));
|
||||
$client = intval($_POST['client']);
|
||||
$email_event = intval($_POST['email_event']);
|
||||
8
models/expense.php
Normal file
8
models/expense.php
Normal file
@@ -0,0 +1,8 @@
|
||||
<?php
|
||||
$date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['date'])));
|
||||
$amount = floatval($_POST['amount']);
|
||||
$account = intval($_POST['account']);
|
||||
$vendor = intval($_POST['vendor']);
|
||||
$category = intval($_POST['category']);
|
||||
$description = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['description'])));
|
||||
$reference = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['reference'])));
|
||||
4
models/invoice.php
Normal file
4
models/invoice.php
Normal file
@@ -0,0 +1,4 @@
|
||||
<?php
|
||||
$date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['date'])));
|
||||
$category = intval($_POST['category']);
|
||||
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['scope'])));
|
||||
6
models/product.php
Normal file
6
models/product.php
Normal file
@@ -0,0 +1,6 @@
|
||||
<?php
|
||||
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['name'])));
|
||||
$description = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['description'])));
|
||||
$price = floatval($_POST['price']);
|
||||
$category = intval($_POST['category']);
|
||||
$tax = intval($_POST['tax']);
|
||||
4
models/quote.php
Normal file
4
models/quote.php
Normal file
@@ -0,0 +1,4 @@
|
||||
<?php
|
||||
$date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['date'])));
|
||||
$category = intval($_POST['category']);
|
||||
$scope = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['scope'])));
|
||||
5
models/tag.php
Normal file
5
models/tag.php
Normal file
@@ -0,0 +1,5 @@
|
||||
<?php
|
||||
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['name'])));
|
||||
$type = intval($_POST['type']);
|
||||
$color = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['color'])));
|
||||
$icon = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['icon'])));
|
||||
6
models/transfer.php
Normal file
6
models/transfer.php
Normal file
@@ -0,0 +1,6 @@
|
||||
<?php
|
||||
$date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['date'])));
|
||||
$amount = floatval($_POST['amount']);
|
||||
$account_from = intval($_POST['account_from']);
|
||||
$account_to = intval($_POST['account_to']);
|
||||
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
|
||||
9
models/trip.php
Normal file
9
models/trip.php
Normal file
@@ -0,0 +1,9 @@
|
||||
<?php
|
||||
$date = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['date'])));
|
||||
$source = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['source'])));
|
||||
$destination = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['destination'])));
|
||||
$miles = floatval($_POST['miles']);
|
||||
$roundtrip = intval($_POST['roundtrip']);
|
||||
$purpose = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['purpose'])));
|
||||
$user_id = intval($_POST['user']);
|
||||
$client_id = intval($_POST['client']);
|
||||
13
models/vendor.php
Normal file
13
models/vendor.php
Normal file
@@ -0,0 +1,13 @@
|
||||
<?php
|
||||
$name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['name'])));
|
||||
$description = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['description'])));
|
||||
$account_number = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['account_number'])));
|
||||
$contact_name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['contact_name'])));
|
||||
$phone = preg_replace("/[^0-9]/", '', $_POST['phone']);
|
||||
$extension = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['extension'])));
|
||||
$email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['email'])));
|
||||
$website = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['website'])));
|
||||
$hours = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['hours'])));
|
||||
$sla = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['sla'])));
|
||||
$code = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['code'])));
|
||||
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
|
||||
Reference in New Issue
Block a user