Пример #1
0
/** Create a whitelist of valid values, be sure to use appropriate types for each value
 * Be sure to include a value for no parameter, if you have a default condition
 */
$valid_op = array('mod', 'changedField', 'addtribes', 'del', 'merge', 'mergefinal', '');
/**
 * in_array() is a native PHP function that will determine if the value of the
 * first argument is found in the array listed in the second argument. Strings
 * are case sensitive and the 3rd argument determines whether type matching is
 * required
*/
if (in_array($clean_op, $valid_op, true)) {
    switch ($clean_op) {
        case "mod":
        case "changedField":
            icms_cp_header();
            edittribes($clean_tribes_id);
            break;
        case "addtribes":
            $controller = new icms_ipf_Controller($profile_tribes_handler);
            $controller->storeFromDefaultForm(_AM_PROFILE_TRIBES_CREATED, _AM_PROFILE_TRIBES_MODIFIED);
            break;
        case "del":
            $controller = new icms_ipf_Controller($profile_tribes_handler);
            $controller->handleObjectDeletion();
            break;
        case "merge":
            icms_cp_header();
            mergetribes($clean_tribes_id);
            break;
        case "mergefinal":
            $clean_tribes_id = isset($_POST['tribes_id']) ? (int) $_POST['tribes_id'] : 0;
Пример #2
0
     $controller = new icms_ipf_Controller($profile_tribes_handler);
     $controller->storeFromDefaultForm(_MD_PROFILE_TRIBES_CREATED, _MD_PROFILE_TRIBES_MODIFIED, $tribesObj->isNew() ? PROFILE_URL . basename(__FILE__) : $tribesObj->getItemLink(true));
     break;
 case "del":
     if (!$tribesObj->userCanEditAndDelete()) {
         redirect_header($tribesObj->getItemLink(true), 3, _NOPERM);
     }
     if (isset($_POST['confirm']) && !icms::$security->check()) {
         redirect_header(icms_getPreviousPage('index.php'), 3, _MD_PROFILE_SECURITY_CHECK_FAILED . implode('<br />', icms::$security->getErrors()));
     }
     $controller = new icms_ipf_Controller($profile_tribes_handler);
     $controller->handleObjectDeletionFromUserSide();
     break;
 default:
     if ($userCanEditAndDelete) {
         edittribes($tribesObj, true);
     }
     if ($clean_tribes_id > 0) {
         if ($tribesObj->isNew()) {
             redirect_header(icms_getPreviousPage('index.php'), 3, _MD_PROFILE_TRIBES_NOTFOUND);
         }
         $icmsTpl->assign('profile_category_path', '<a href="' . $tribesObj->handler->_moduleUrl . $tribesObj->handler->_page . '?uid=' . $uid . '">' . _MD_PROFILE_TRIBES . '</a>');
         // make tribe form
         edittribeuser($tribesObj, true);
         $clean_topic_id = isset($_GET['topic_id']) ? (int) $_GET['topic_id'] : 0;
         $clean_start = isset($_GET['start']) ? (int) $_GET['start'] : 0;
         $profile_tribes_handler->updateCounter($clean_tribes_id);
         $tribe = $tribesObj->toArray();
         $icmsTpl->assign('profile_tribe', $tribe);
         $tribeOwner = array('tribeuser_avatar' => $tribe['tribe_sender_avatar'], 'tribeuser_sender_link' => $tribe['tribe_sender_link'], 'owner' => TRUE);
         $tribeMembers = $profile_tribeuser_handler->getTribeusers(0, 0, false, false, $clean_tribes_id, '=', 1, 1);