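/**
 * Fetch an allow-listed set of request variables from $_GET / $_POST and pass
 * every value through the project's input filters.
 *
 * Only the names listed in $vars are read from the request. Every listed name
 * ends up in the result: a field that was not submitted is filtered as null,
 * so callers always get a defined entry.
 *
 * NOTE(review): what ppFilterText() and ppApplyFilter() strip is not visible
 * from this function. Do not assume the returned values are safe for a
 * particular sink (SQL, HTML, shell) without checking those filters; use
 * parameterized queries / context-specific escaping at the point of use.
 *
 * @param string|array $vars      Field name, or list of field names, to fetch.
 * @param bool         $setglobal When true, publish each result into $GLOBALS
 *                                and return nothing.
 * @param string       $type      'GET' or 'POST' reads only that source; any
 *                                other value checks $_POST first, then $_GET.
 * @param string       $option    'text' uses ppFilterText(); 'int' calls
 *                                ppApplyFilter() with its second argument true;
 *                                anything else calls ppApplyFilter() with defaults.
 * @return array|null Filtered values keyed by field name, or null when
 *                    $setglobal is true.
 */
function ppGetData($vars, $setglobal = false, $type = '', $option = '')
{
    $return_data = array();
    if (!is_array($vars)) {
        $vars = array($vars);
    }

    // Step 1: copy the raw values for the allow-listed names only.
    if ($type == 'GET' or $type == 'POST') {
        // Testing 'POST' last mirrors the original pair of ifs, where a value
        // that loosely matches both strings ended up reading $_POST.
        $source = ($type == 'POST') ? $_POST : $_GET;
        foreach ($vars as $key) {
            if (array_key_exists($key, $source)) {
                $return_data[$key] = $source[$key];
            }
        }
    } else {
        // No explicit source requested: $_POST takes precedence over $_GET.
        foreach ($vars as $key) {
            if (array_key_exists($key, $_POST)) {
                $return_data[$key] = $_POST[$key];
            } elseif (array_key_exists($key, $_GET)) {
                $return_data[$key] = $_GET[$key];
            }
        }
    }

    // Step 2: filter every requested field.
    foreach ($vars as $name) {
        // Fix: the original indexed $return_data[$name] even when the field was
        // never submitted, raising an undefined-index notice/warning. Default
        // to null explicitly; the filtered result is the same as before.
        $raw = array_key_exists($name, $return_data) ? $return_data[$name] : null;

        if (is_array($raw)) {
            // Checkbox group or multiple select: filter each element and
            // rebuild the list (original keys are not kept).
            // NOTE(review): only one level of nesting is unpacked; a deeper
            // array from the request reaches the filter as an array. Confirm
            // the filters handle that.
            $filtered = array();
            foreach ($raw as $subvalue) {
                if ($option == 'text') {
                    $filtered[] = ppFilterText($subvalue);
                } elseif ($option == 'int') {
                    // Array elements pass a third "true" argument; scalars below do not.
                    $filtered[] = ppApplyFilter($subvalue, true, true);
                } else {
                    $filtered[] = ppApplyFilter($subvalue);
                }
            }
            $return_data[$name] = $filtered;
        } elseif ($option == 'text') {
            $return_data[$name] = ppFilterText($raw);
        } elseif ($option == 'int') {
            $return_data[$name] = ppApplyFilter($raw, true);
        } else {
            $return_data[$name] = ppApplyFilter($raw);
        }
    }

    // Step 3: publish into $GLOBALS or hand the array back.
    if ($setglobal) {
        // SECURITY: this writes request-derived values into the global symbol
        // table under the names given in $vars. Any existing global with the
        // same name is overwritten, so callers must pass only fixed, dedicated
        // names here, never names taken from the request and never names of
        // configuration or session globals.
        foreach ($return_data as $key => $value) {
            $GLOBALS[$key] = $value;
        }
    } else {
        return $return_data;
    }
}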
// ListItem ID $op = COM_applyFilter($_GET['op']); // Operation /* Need special filtering of var1 - which is can be the multiple field values separated by a comma * COM_applyFilter was filtering everything after the comma! ie 2,8,10:11:12:13 became 2 */ if (!get_magic_quotes_gpc()) { $var1 = addslashes(htmlspecialchars($_GET['var1'])); // Passed Var1 - usually the fieldname $var1 = str_replace('&', '&', $var1); } else { $var1 = htmlspecialchars($_GET['var1']); // Passed Var1 - usually the fieldname $var1 = str_replace('&', '&', $var1); } $var2 = ppFilterText($_GET['var2']); // Passed Var2 - usually the field value $var3 = intval($_GET['var3']); // Passed Var3 - field width $var4 = intval($_GET['var4']); // Passed Var4 - predefined_function (1 or 0) // Check if user has edit access to this list $GROUPS = SEC_getUserGroups($_USER['uid']); // List of groups user is a member of $sql = "SELECT id FROM {$_TABLES['nexlist']} WHERE edit_perms IN (" . implode(',', $GROUPS) . ") AND id={$did}"; if (DB_numRows(DB_query($sql)) != 1) { COM_accessLog("WARNING: nexlist Admin- Invalid access to ajaxupdate.php by user: {$_USER['uid']}"); exit; } if ($CONF_LL['debug']) { COM_errorLog("nexlist - ajaxupdate.php: did:{$did}, rid:{$rid}, fid:{$fid}, itemid:{$itemid}");