Clean an integer value: strips every character that is not a digit or "-", spaces included.
static public cleanInteger($integer) : clean
Parameter $integer (string): integer string
Returns: clean integer
/**
 * Sanitize and validate the input of a new ticket-to-ticket link.
 *
 * Both ticket ids go through Toolbox::cleanInteger(), a link from a ticket to
 * itself is refused, a missing link type defaults to self::LINK_TO, and a link
 * that already exists between the two tickets is either refused or, when a
 * plain LINK_TO link is replaced by a DUPLICATE_WITH one, deleted first.
 *
 * @param $input array  data of the link to add; reads 'tickets_id_1',
 *                      'tickets_id_2' and the optional 'link'
 *
 * @return false when the link is refused, otherwise whatever the parent
 *         prepareInputForAdd() returns for the cleaned input
**/
function prepareInputForAdd($input) {
    // Strip everything but integer characters from both ids before comparing them.
    // NOTE(review): the cleaned ids are still strings and are compared loosely below;
    // presumably the parent and the DB layer cast or quote them - confirm.
    foreach (array('tickets_id_1', 'tickets_id_2') as $idField) {
        $input[$idField] = Toolbox::cleanInteger($input[$idField]);
    }

    // Rights on both tickets are checked by the parent implementation.
    // A ticket cannot be linked to itself.
    if ($input['tickets_id_1'] == $input['tickets_id_2']) {
        return false;
    }

    // Default link type when the caller did not choose one
    $input['link'] = isset($input['link']) ? $input['link'] : self::LINK_TO;

    // Only one link may exist between two given tickets
    $linkedTickets = self::getLinkedTicketsTo($input['tickets_id_1']);
    if (count($linkedTickets) > 0) {
        foreach ($linkedTickets as $linkId => $linked) {
            if ($linked['tickets_id'] != $input['tickets_id_2']) {
                continue;
            }

            $replacesSimpleLink = ($input['link'] == self::DUPLICATE_WITH)
                                  && ($linked['link'] == self::LINK_TO);
            if (!$replacesSimpleLink) {
                // The two tickets are already linked: refuse the duplicate
                return false;
            }

            // Drop the old simple link, the duplicate link takes its place
            $oldLink = new Ticket_Ticket();
            $oldLink->delete(array("id" => $linkId));
        }
    }

    return parent::prepareInputForAdd($input);
}
You should have received a copy of the GNU General Public License
 along with MoreLDAP plugin; if not, write to the Free Software Foundation, Inc.,
 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 ------------------------------------------------------------------------
 @package   MoreLDAP
 @author    the MoreLDAP plugin team
 @copyright Copyright (c) 2014-2014 MoreLDAP plugin team
 @license   GPLv2+ http://www.gnu.org/licenses/gpl.txt
 @link      https://forge.indepnet.net/projects/moreldap
 @link      http://www.glpi-project.org/
 @since     2014
 ------------------------------------------------------------------------
 */

// Load the GLPI environment relative to this front-end script
define('GLPI_ROOT', '../../..');
include GLPI_ROOT . "/inc/includes.php";

// Gate: the caller needs the "config" right in write mode ("w"). What happens when
// the right is missing is decided inside Session::checkRight(), not visible here.
// NOTE(review): no CSRF token check is visible in this script - presumably it is
// enforced by the included GLPI bootstrap; confirm for this plugin.
Session::checkRight("config", "w");

$AuthLDAP = new PluginMoreldapAuthLDAP();

if (isset($_POST["update"])) {
    // Keep only integer characters of the submitted id
    $_POST['id'] = Toolbox::cleanInteger($_POST['id']);

    // Only the presence of the field matters, its submitted value is discarded
    if (isset($_POST['location_enabled'])) {
        $_POST['location_enabled'] = "Y";
    } else {
        $_POST['location_enabled'] = "N";
    }

    // NOTE(review): html_entity_decode() turns HTML entities of the submitted value
    // back into raw characters before it is stored; confirm that every place that
    // later renders "location" escapes it for its output context.
    $_POST['location'] = html_entity_decode($_POST['location']);

    // NOTE(review): the whole $_POST array is handed to add()/update(); presumably the
    // object only persists its known fields - confirm, or pass an explicit field list.
    if ($AuthLDAP->getFromDB($_POST['id'])) {
        $AuthLDAP->update($_POST);
    } else {
        //The directory exists in GLPI but there is no data in the plugin
        $AuthLDAP->add($_POST);
    }
}

Html::back();
/**
 * Check and normalize the values held in $this->input against the datatype of
 * their search option (originally described as: check float and decimal values)
 *
 * A field that fails its check is removed from $this->input and the name of its
 * search option is collected for the message shown after redirect.
 *
 * @param $display display or not messages in and addAfterRedirect (true by default)
 *
 * @return nothing: the body has no return statement, $this->input is updated in place
 *         (the former "@return input the data checked" did not match the code)
**/
function filterValues($display = true) {
    // MoYo : comment it because do not understand why filtering is disable
    // if (in_array('CommonDBRelation', class_parents($this))) {
    //    return true;
    // }

    // Names of the search options whose value failed its datatype check
    $fails = array();
    if (isset($this->input) && is_array($this->input) && count($this->input)) {
        foreach ($this->input as $key => $value) {
            // Set to true by a failed check; the field is then dropped after the switch
            $unset = false;
            $regs = array();
            $searchOption = $this->getSearchOptionByField('field', $key);
            // Empty value (null, '' or the string 'NULL', compared loosely)
            if (isset($searchOption['datatype']) && (is_null($value) || $value == '' || $value == 'NULL')) {
                switch ($searchOption['datatype']) {
                    case 'date':
                    case 'datetime':
                        // $unset is not used here: an empty date is not a failure,
                        // it is replaced by the string 'NULL'
                        $this->input[$key] = 'NULL';
                        break;
                }
            } else {
                // Non-empty value: validate it according to the declared datatype
                if (isset($searchOption['datatype']) && !is_null($value) && $value != '' && $value != 'NULL') {
                    switch ($searchOption['datatype']) {
                        case 'integer':
                        case 'count':
                        case 'number':
                        case 'decimal':
                            // Accept a decimal comma by turning it into a dot
                            $value = str_replace(',', '.', $value);
                            if ($searchOption['datatype'] == 'decimal') {
                                $this->input[$key] = floatval(Toolbox::cleanDecimal($value));
                            } else {
                                $this->input[$key] = intval(Toolbox::cleanInteger($value));
                            }
                            // NOTE(review): intval()/floatval() always yield a number, so as far
                            // as this block shows the test below cannot fail; malformed input is
                            // coerced (an empty cleaned string becomes 0) instead of reported.
                            if (!is_numeric($this->input[$key])) {
                                $unset = true;
                            }
                            break;

                        case 'bool':
                            // in_array() is called without its strict flag, so membership is
                            // decided by loose comparison with 0 and 1.
                            // NOTE(review): before PHP 8 a non-numeric string compares equal to 0
                            // and would pass - confirm the target PHP version.
                            if (!in_array($value, array(0, 1))) {
                                $unset = true;
                            }
                            break;

                        case 'ip':
                            // The string must parse as an address and be IPv4; anything else fails
                            $address = new IPAddress();
                            if (!$address->setAddressFromString($value)) {
                                $unset = true;
                            } else {
                                if (!$address->is_ipv4()) {
                                    $unset = true;
                                }
                            }
                            break;

                        case 'mac':
                            // Six groups of 1-2 hex digits, each followed by ':' or '-' or the end
                            // of the string. The pattern is anchored at the end only.
                            // NOTE(review): without a start anchor, text placed before a trailing
                            // MAC-like sequence is not rejected - confirm whether that is intended.
                            preg_match("/([0-9a-fA-F]{1,2}([:-]|\$)){6}\$/", $value, $regs);
                            if (empty($regs)) {
                                $unset = true;
                            }
                            // Store the MAC address in lower case to reduce complexity of SQL queries
                            // (also done when the check failed; the field is unset afterwards anyway)
                            $this->input[$key] = strtolower($value);
                            break;

                        case 'date':
                        case 'datetime':
                            // Date is already "reformat" according to getDateFormat()
                            // The pattern is anchored at the start only and its time group is
                            // optional, so only the leading YYYY-M-D part is enforced.
                            // NOTE(review): whatever follows the date part is not validated, and the
                            // alternation inside the group splits into "[_][01][0-9]" and
                            // "2[0-3]:..." - probably not the intended grouping; confirm the
                            // expected format before tightening it.
                            $pattern = "/^([0-9]{4})-([0-9]{1,2})-([0-9]{1,2})";
                            $pattern .= "([_][01][0-9]|2[0-3]:[0-5][0-9]:[0-5]?[0-9])?/";
                            preg_match($pattern, $value, $regs);
                            if (empty($regs)) {
                                $unset = true;
                            }
                            break;

                        case 'itemtype':
                            //Want to insert an itemtype, but the associated class doesn't exists
                            // NOTE(review): class_exists() is called with its default autoload
                            // behaviour, so this value reaches the registered autoloader;
                            // presumably the autoloader validates class names - confirm.
                            if (!class_exists($value)) {
                                $unset = true;
                            }
                            // No break here: execution continues into the length check below
                            // NOTE(review): looks intentional - confirm.
                        case 'email':
                        case 'string':
                            // Values longer than 255 bytes are cut to 254 bytes (strlen/substr
                            // count bytes).
                            // NOTE(review): the cut may split a multibyte character, and 254 vs
                            // 255 looks like an off-by-one - confirm against the column size.
                            if (strlen($value) > 255) {
                                $this->input[$key] = substr($value, 0, 254);
                            }
                            break;

                        default:
                            //Plugins can implement their own checks
                            if (!$this->checkSpecificValues($searchOption['datatype'], $value)) {
                                $unset = true;
                            }
                            // Copy the value back in case the check has updated it
                            // (presumably $value is taken by reference - verify in checkSpecificValues)
                            $this->input[$key] = $value;
                            break;
                    }
                }
            }
            // Drop the failed field and remember the name of its search option
            if ($unset) {
                $fails[] = $searchOption['name'];
                unset($this->input[$key]);
            }
        }
    }
    if ($display && count($fails)) {
        //Display a message to indicate that one or more values were filtered
        //TRANS: %s is the list of the failed fields
        $message = sprintf(__('%1$s: %2$s'), __('At least one field has an incorrect value'), implode(',', $fails));
        Session::addMessageAfterRedirect($message, INFO, true);
    }
}
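/**
 * Get one page of the rows recorded for a command group
 *
 * Selects, from this item's table, the rows whose
 * plugin_shellcommands_commandgroups_id equals the given group id. The page size
 * is read from $_SESSION['glpilist_limit'].
 *
 * @global $DB database handle used to run the query
 * @param $commandgroups_id id of the command group
 * @param $start            offset of the first row (0 by default)
 *
 * @return array rows (id, plugin_shellcommands_shellcommands_id,
 *               plugin_shellcommands_commandgroups_id) indexed by their id
 */
function getItems($commandgroups_id, $start = 0) {
    global $DB;

    $output = array();
    $table  = $this->getTable();

    // Toolbox::cleanInteger() only strips characters: what is left is still a string
    // that can be empty or hold a stray "-". Cast it so that the value concatenated
    // into the SQL text is always exactly one integer literal, as is already done for
    // the two LIMIT operands.
    $groups_id = intval(Toolbox::cleanInteger($commandgroups_id));

    $query = "SELECT `" . $table . "`.`id`, \n `"
             . $table . "`.`plugin_shellcommands_shellcommands_id`,\n `"
             . $table . "`.`plugin_shellcommands_commandgroups_id`\n FROM "
             . $table . "\n WHERE `"
             . $table . "`.`plugin_shellcommands_commandgroups_id` = " . $groups_id
             . "\n LIMIT " . intval($start) . "," . intval($_SESSION['glpilist_limit']);

    $result = $DB->query($query);
    if ($DB->numrows($result)) {
        // Index every row by its id
        while ($data = $DB->fetch_assoc($result)) {
            $output[$data['id']] = $data;
        }
    }

    return $output;
}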