$form->field('description'); // process the form if submitted $valid = true; if ($submit) { $form->validate(); $input = $form->values(); $valid = !$form->has_errors(); // protect against CSRF attacks if ($ps->conf['main']['security']['csrf_protection']) { $valid = ($valid and $form->key_is_valid($cms->session)); } if (!in_array($input['type'], array('player', 'weapon', 'weaponclass'))) { $form->error('type', $cms->trans("Please select a valid type from the list")); } // lets keep the description plain... no html. $input['description'] = ps_strip_tags($input['description']); $valid = ($valid and !$form->has_errors()); if ($valid) { $ok = false; if (empty($input['gametype'])) { $input['gametype'] = null; } if (empty($input['modtype'])) { $input['modtype'] = null; } if ($id) { $ok = $ps->db->update($ps->t_config_awards, $input, 'id', $id); } else { $input['id'] = $ps->db->next_id($ps->t_config_awards); $ok = $ps->db->insert($ps->t_config_awards, $input); }
$form->validate(); $input = $form->values(); $valid = !$form->has_errors(); // protect against CSRF attacks if ($ps->conf['main']['security']['csrf_protection']) { $valid = ($valid and $form->key_is_valid($cms->session)); } $input['name'] = $input['plrname']; unset($input['plrname']); // force a protocol prefix on the website url (http://) if (!empty($input['website']) and !preg_match('|^\\w+://|', $input['website'])) { $input['website'] = "http://" . $input['website']; } // strip out any bad tags from the logo. if (!empty($input['logo'])) { $logo = ps_strip_tags($input['logo']); $c1 = md5($logo); $c2 = md5($input['logo']); if ($c1 != $c2) { $form->error('logo', $cms->trans("Invalid tags were removed.") . " " . $cms->trans("Resubmit to try again.")); $form->set('logo', $logo); } $input['logo'] = $logo; } if ($cms->user->is_admin()) { if (!array_key_exists($input['accesslevel'], $cms->user->accesslevels())) { $form->error('accesslevel', $cms->trans("Invalid access level specified")); } } if (!$form->error('username') and $input['username'] != '') { // load the user matching the username