YGGverse
/
YGGtracker
mirror of https://github.com/YGGverse/YGGtracker.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

add common validation/filter library for text input fields

main
ghost 1 year ago
parent
9407403d5d
commit
62679eb67f
3 changed files with 110 additions and 25 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      src/config/bootstrap.php
  2. 48
      src/library/filter.php
  3. 86
      src/public/edit.php

1
src/config/bootstrap.php
Unescape View File

@ -41,6 +41,7 @@ require_once __DIR__ . '/../library/scrapeer.php'; @@ -41,6 +41,7 @@ require_once __DIR__ . '/../library/scrapeer.php';
require_once __DIR__ . '/../library/time.php';
require_once __DIR__ . '/../library/curl.php';
require_once __DIR__ . '/../library/valid.php';
require_once __DIR__ . '/../library/filter.php';
// Vendors autoload
require_once __DIR__ . '/../../vendor/autoload.php';

48
src/library/filter.php
Unescape View File

@ -0,0 +1,48 @@ @@ -0,0 +1,48 @@
<?php
class Filter
{
public static function magnetTitle(mixed $value) : string
{
$value = trim(
strip_tags(
html_entity_decode($value)
)
);
return (string) $value;
}
public static function magnetPreview(mixed $value) : string
{
$value = trim(
strip_tags(
html_entity_decode($value)
)
);
return (string) $value;
}
public static function magnetDescription(mixed $value) : string
{
$value = trim(
strip_tags(
html_entity_decode($value)
)
);
return (string) $value;
}
public static function magnetDn(mixed $value) : string
{
$value = trim(
strip_tags(
html_entity_decode($value)
)
);
return (string) $value;
}
}

86
src/public/edit.php
Unescape View File

@ -227,53 +227,85 @@ else { @@ -227,53 +227,85 @@ else {
$db->updateMagnetApproved($magnet->magnetId, (bool) $user->approved, time());
}
// Meta
if (MAGNET_TITLE_MIN_LENGTH <= mb_strlen($_POST['title']) && MAGNET_TITLE_MAX_LENGTH >= mb_strlen($_POST['title']))
// Social
$db->updateMagnetComments($magnet->magnetId, isset($_POST['comments']) ? true : false, time());
$db->updateMagnetSensitive($magnet->magnetId, isset($_POST['sensitive']) ? true : false, time());
if (isset($_POST['public'])) // could be enabled once only because of distributed database model #1
{
$db->updateMagnetTitle($magnet->magnetId, trim(strip_tags(html_entity_decode($_POST['title']))), time());
$db->updateMagnetPublic($magnet->magnetId, true, time());
}
// Title
$response->form->title->valid->success = true;
$response->form->title->valid->message = [];
$response->form->title->valid->success = true;
$response->form->title->valid->message = false;
if (!Valid::magnetTitle($_POST['title'], $response->form->title->valid->message))
{
$response->form->title->valid->success = false;
}
else
{
$response->form->title->valid->success = false;
$response->form->title->valid->message = sprintf(_('* required, %s-%s chars'), MAGNET_TITLE_MIN_LENGTH, MAGNET_TITLE_MAX_LENGTH);
$db->updateMagnetTitle(
$magnet->magnetId,
Filter::magnetTitle($_POST['title']),
time()
);
}
if (mb_strlen($_POST['preview']) < MAGNET_PREVIEW_MIN_LENGTH || mb_strlen($_POST['preview']) > MAGNET_PREVIEW_MAX_LENGTH)
// Preview
$response->form->preview->valid->success = true;
$response->form->preview->valid->message = [];
if (!Valid::magnetPreview($_POST['preview'], $response->form->preview->valid->message))
{
$response->form->preview->valid->success = false;
$response->form->preview->valid->message = sprintf(_('* required, %s-%s chars, %s provided'), MAGNET_PREVIEW_MIN_LENGTH, MAGNET_PREVIEW_MAX_LENGTH, mb_strlen($_POST['preview']));
}
else
{
$db->updateMagnetPreview($magnet->magnetId, trim(strip_tags(html_entity_decode($_POST['preview']))), time());
$db->updateMagnetPreview(
$magnet->magnetId,
Filter::magnetPreview($_POST['preview']),
time()
);
}
if (mb_strlen($_POST['description']) < MAGNET_DESCRIPTION_MIN_LENGTH || mb_strlen($_POST['description']) > MAGNET_DESCRIPTION_MAX_LENGTH)
// Description
$response->form->description->valid->success = true;
$response->form->description->valid->message = [];
if (!Valid::magnetDescription($_POST['description'], $response->form->description->valid->message))
{
$response->form->description->valid->success = false;
$response->form->description->valid->message = sprintf(_('* required, %s-%s chars, %s provided'), MAGNET_DESCRIPTION_MIN_LENGTH, MAGNET_DESCRIPTION_MAX_LENGTH, mb_strlen($_POST['description']));
}
else
{
$db->updateMagnetDescription($magnet->magnetId, trim(strip_tags(html_entity_decode($_POST['description']))), time());
$db->updateMagnetDescription(
$magnet->magnetId,
Filter::magnetDescription($_POST['description']),
time()
);
}
// Social
$db->updateMagnetComments($magnet->magnetId, isset($_POST['comments']) ? true : false, time());
$db->updateMagnetSensitive($magnet->magnetId, isset($_POST['sensitive']) ? true : false, time());
// Display Name
$response->form->dn->valid->success = true;
$response->form->dn->valid->message = [];
if (isset($_POST['public'])) // could be enabled once only because of distributed database model #1
if (!Valid::magnetDn($_POST['dn'], $response->form->dn->valid->message))
{
$db->updateMagnetPublic($magnet->magnetId, true, time());
$response->form->dn->valid->success = false;
}
// Display Name
if (isset($_POST['dn']))
else
{
$db->updateMagnetDn($magnet->magnetId, trim(strip_tags(html_entity_decode($_POST['dn']))), time());
$db->updateMagnetDn(
$magnet->magnetId,
Filter::magnetDn($_POST['dn']),
time()
);
}
// Exact Topic
@ -469,6 +501,7 @@ else { @@ -469,6 +501,7 @@ else {
$response->form->title->valid->success &&
$response->form->preview->valid->success &&
$response->form->description->valid->success &&
$response->form->dn->valid->success &&
$response->form->tr->valid->success &&
$response->form->as->valid->success &&
$response->form->xs->valid->success)
@ -643,7 +676,7 @@ else { @@ -643,7 +676,7 @@ else {
</svg>
</sub>
<?php if ($response->form->title->valid->message) { ?>
<div class="margin-b-8"><?php echo $response->form->title->valid->message ?></div>
<div class="margin-b-8"><?php echo implode('<br />', $response->form->title->valid->message) ?></div>
<?php } ?>
<input class="width-100 margin-t-8 <?php echo ($response->form->title->valid->success ? false : 'background-color-red') ?>" type="text" name="title" value="<?php echo $response->form->title->value ?>" placeholder="<?php echo _('Main title') ?>" maxlength="255" />
</label>
@ -655,7 +688,7 @@ else { @@ -655,7 +688,7 @@ else {
</svg>
</sub>
<?php if ($response->form->preview->valid->message) { ?>
<div class="margin-b-8"><?php echo $response->form->preview->valid->message ?></div>
<div class="margin-b-8"><?php echo implode('<br />', $response->form->preview->valid->message) ?></div>
<?php } ?>
<textarea class="width-100 margin-t-8 <?php echo ($response->form->preview->valid->success ? false : 'background-color-red') ?>" name="preview" placeholder="<?php echo _('Shows in listing and meta tags') ?>"><?php echo $response->form->preview->value ?></textarea>
</label>
@ -667,7 +700,7 @@ else { @@ -667,7 +700,7 @@ else {
</svg>
</sub>
<?php if ($response->form->description->valid->message) { ?>
<div class="margin-b-8"><?php echo $response->form->description->valid->message ?></div>
<div class="margin-b-8"><?php echo implode('<br />', $response->form->description->valid->message) ?></div>
<?php } ?>
<textarea class="width-100 margin-t-8 <?php echo ($response->form->description->valid->success ? false : 'background-color-red') ?>" name="description" placeholder="<?php echo _('Shows on magnet page') ?>"><?php echo $response->form->description->value ?></textarea>
</label>
@ -720,7 +753,10 @@ else { @@ -720,7 +753,10 @@ else {
<path d="M8 16A8 8 0 1 0 8 0a8 8 0 0 0 0 16zm.93-9.412-1 4.705c-.07.34.029.533.304.533.194 0 .487-.07.686-.246l-.088.416c-.287.346-.92.598-1.465.598-.703 0-1.002-.422-.808-1.319l.738-3.468c.064-.293.006-.399-.287-.47l-.451-.081.082-.381 2.29-.287zM8 5.5a1 1 0 1 1 0-2 1 1 0 0 1 0 2z"/>
</svg>
</sub>
<input class="width-100 margin-t-8" type="text" name="dn" id="dn" value="<?php echo $response->form->dn->value ?>" placeholder="<?php echo _('A filename to display to the user, for convenience') ?>" maxlength="255" />
<?php if ($response->form->dn->valid->message) { ?>
<div class="margin-b-8"><?php echo implode('<br />', $response->form->dn->valid->message) ?></div>
<?php } ?>
<input class="width-100 margin-t-8 <?php echo ($response->form->dn->valid->success ? false : 'background-color-red') ?>" type="text" name="dn" id="dn" value="<?php echo $response->form->dn->value ?>" placeholder="<?php echo _('A filename to display to the user, for convenience') ?>" maxlength="255" />
</label>
<label class="display-block margin-y-8 padding-t-4" for="kt">
<?php echo _('Keyword Topic (kt)') ?>

Write Preview
Loading…
Cancel
Save