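/*
 * Pick a default top-level menu when the request does not name one.
 * Administrators land on "hr"; every other user lands on "ess". The original
 * also branched on $_SESSION['isSupervisor'], but both arms assigned "ess",
 * so that duplicate branch is collapsed here.
 */
if (!isset($_GET['menu_no_top'])) {
    // NOTE(review): loose comparison kept as in the original; confirm that
    // isAdmin is always stored as the string 'Yes'/'No' before tightening to ===.
    $_GET['menu_no_top'] = ($_SESSION['isAdmin'] == 'Yes') ? "hr" : "ess";
}

/**
 * Clean GET variables that are used in URLs in the page.
 *
 * Each listed parameter is overwritten in place with the result of
 * CommonFunctions::cleanAlphaNumericIdField(), so later code that builds links
 * from $_GET sees the cleaned value. Only the names in this list are cleaned;
 * any other request parameter echoed into markup still needs escaping that
 * suits its output context.
 *
 * 'isAdmin' here is the GET parameter of that name. The privilege checks in
 * this excerpt read $_SESSION['isAdmin'], not the request value.
 *
 * NOTE(review): a parameter sent as an array also passes isset(); confirm that
 * cleanAlphaNumericIdField() copes with non-string input.
 */
$varsToClean = array('uniqcode', 'isAdmin', 'pageNo', 'id', 'repcode', 'reqcode', 'menu_no_top');

foreach ($varsToClean as $var) {
    if (isset($_GET[$var])) {
        $_GET[$var] = CommonFunctions::cleanAlphaNumericIdField($_GET[$var]);
    }
}

/* For checking TimesheetPeriodStartDaySet status : Begins */
// This should be changed to use the $timesheetPeriodService->isTimesheetPeriodDefined()
// method, to support the symfony version of the timesheet period.
$_SESSION['timePeriodSet'] = Config::getTimePeriodSet() ? 'Yes' : 'No';
/* For checking TimesheetPeriodStartDaySet status : Ends */

// For administrators, refresh the rights of every module in $arrAllRights from
// the session's user group.
// (The excerpt ends before this if-block is closed; it continues beyond the listing.)
if ($_SESSION['isAdmin'] == 'Yes') {
    $rights = new Rights();

    foreach ($arrAllRights as $moduleCode => $currRights) {
        $arrAllRights[$moduleCode] = $rights->getRights($_SESSION['userGroup'], $moduleCode);
    }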
/**
 * Pins the output of CommonFunctions::cleanAlphaNumericIdField() for
 * markup-bearing input and for ordinary identifiers.
 *
 * The expected values document the contract the callers rely on:
 *  - letters, digits and underscore survive; spaces and punctuation are dropped;
 *  - no percent-decoding is performed ('%' is dropped, the hex digits stay);
 *  - markup tags are removed as a whole, not just their angle brackets
 *    (the second case yields 'alert123', without the tag names).
 *
 * NOTE(review): assertEquals compares loosely; assertSame would pin cases such
 * as '0721' and '0' to the exact string. Confirm against the PHPUnit version in use.
 */
public function testCleanAlphaNumericIdField() {
    // Each entry is array(expected output, raw input).
    $cases = array(
        // Percent-encoded markup: reduced to inert alphanumerics, never decoded.
        array('223E3Ciframe3E3Cscript3Ealert28123293Cscript3E', '%22%3E%3C/iframe%3E%3Cscript%3Ealert%28123%29;%3C/script%3E'),
        // Literal markup: tags are removed, then the remaining punctuation.
        array('alert123', '"></iframe><script>alert(123);</script>'),
        // Well-formed identifiers pass through unchanged, including leading zeros.
        array('1', '1'),
        array('0721', '0721'),
        array('EAC', 'EAC'),
        array('0', '0'),
        array('X_1', 'X_1'),
        array('abc', 'abc'),
        // Mixed input: symbols and whitespace are stripped, underscore is kept.
        array('aZ_920diz1', 'aZ_920%$@diz 1!'),
    );

    foreach ($cases as $case) {
        $this->assertEquals($case[0], CommonFunctions::cleanAlphaNumericIdField($case[1]));
    }
}