/**
 * Create a whitelist of the operation names this script accepts.
 * Use the appropriate type for each value, because the lookup below is strict.
 * Include a value for "no parameter" (the empty string here) if the script has
 * a default condition.
 *
 * NOTE(review): 'del' is whitelisted, but no "del" case appears in the part of
 * the switch shown here - confirm it is handled further down.
 */
$valid_op = array('mod', 'changedField', 'addfield', 'del', '');

/**
 * in_array() is a native PHP function that reports whether the value of the
 * first argument is found in the array given as the second argument. String
 * comparison is case sensitive, and the third argument (true here) requires the
 * types to match as well.
 *
 * The whitelist covers only $clean_op. Every other request value read inside
 * the switch still needs its own validation.
 */
if (in_array($clean_op, $valid_op, true)) {
    switch ($clean_op) {
        case "mod":
            // $clean_field_id is defined outside this excerpt.
            // NOTE(review): presumably already filtered, as the name suggests - confirm.
            icms_cp_header();
            editfield($clean_field_id);
            break;

        case "changedField":
            // NOTE(review): this branch reads $_POST directly. Nothing visible here
            // checks that 'mod_profile_Field_objects' is present and is an array, or
            // that 'field_weight'[$k] exists for each key - confirm this is done earlier.
            // NOTE(review): this branch changes stored data; no request-token check
            // is visible in this excerpt - confirm one runs before this point.
            foreach ($_POST['mod_profile_Field_objects'] as $k => $v) {
                // $v is passed to the handler as submitted; the result of get() is
                // used without a check that an object came back.
                $fieldObj = $profile_field_handler->get($v);
                // Loose (!=) comparison of the stored weight with the raw POST value;
                // the value is cast to int only when it is written back.
                if ($fieldObj->getVar('field_weight', 'e') != $_POST['field_weight'][$k]) {
                    $fieldObj->setVar('field_weight', (int) $_POST['field_weight'][$k]);
                    $profile_field_handler->insert($fieldObj);
                }
            }
            // After the loop, hand off to redirect_header() with 'field.php' as the target.
            redirect_header('field.php', 3, _AM_PROFILE_FIELD_MODIFIED);
            break;

        case "addfield":
            // Wrap the field handler in an icms_ipf_Controller and let it store the
            // submitted default form; the two constants are passed as its messages.
            $controller = new icms_ipf_Controller($profile_field_handler);
            $controller->storeFromDefaultForm(_AM_PROFILE_FIELD_CREATED, _AM_PROFILE_FIELD_MODIFIED);
            break;
orderfield($cid[0], 1, $option); break; case "publishform": publishforms($cid, 1, $option); break; case "unpublishform": publishforms($cid, 0, $option); break; case "newform": editforms($option, 0); break; case "newfield": editfield($option, 0); break; case "editfield": editfield($option, $cid); break; case "deletefield": deletefield($option, $cid); break; case "editform": editforms($option, $cid); break; case "deleteform": deleteforms($option, $cid); break; case "saveform": saveforms($option); break; case "applyform": saveforms($option, 1);