Skip to content
Snippets Groups Projects
Commit 356d9c9e authored by Hakan Sandell's avatar Hakan Sandell
Browse files

Replacing $_REQUEST variables with $INPUT wrapper, init.php

parent 0484ed6d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 27 additions and 20 deletions
lib/exe/ajax.php
+ 27
20
View file @ 356d9c9e
......@@ -14,10 +14,10 @@ session_write_close();
header('Content-Type: text/html; charset=utf-8');
//call the requested function
if(isset($_POST['call'])){
$call = $_POST['call'];
}else if(isset($_GET['call'])){
$call = $_GET['call'];
if($INPUT->post->has('call')){
$call = $INPUT->post->str('call');
}else if($INPUT->get->has('call')){
$call = $INPUT->get->str('call');
}else{
exit;
}
......@@ -43,9 +43,10 @@ if(function_exists($callfn)){
function ajax_qsearch(){
global $conf;
global $lang;
global $INPUT;
$query = $_POST['q'];
if(empty($query)) $query = $_GET['q'];
$query = $INPUT->post->str('q');
if(empty($query)) $query = $INPUT->get->str('q');
if(empty($query)) return;
$query = urldecode($query);
......@@ -81,9 +82,10 @@ function ajax_qsearch(){
function ajax_suggestions() {
global $conf;
global $lang;
global $INPUT;
$query = cleanID($_POST['q']);
if(empty($query)) $query = cleanID($_GET['q']);
$query = cleanID($INPUT->post->str('q'));
if(empty($query)) $query = cleanID($INPUT->get->str('q'));
if(empty($query)) return;
$data = array();
......@@ -121,8 +123,9 @@ function ajax_lock(){
global $lang;
global $ID;
global $INFO;
global $INPUT;
$ID = cleanID($_POST['id']);
$ID = cleanID($INPUT->post->str('id'));
if(empty($ID)) return;
$INFO = pageinfo();
......@@ -137,15 +140,15 @@ function ajax_lock(){
echo 1;
}
if($conf['usedraft'] && $_POST['wikitext']){
if($conf['usedraft'] && $INPUT->post->str('wikitext')){
$client = $_SERVER['REMOTE_USER'];
if(!$client) $client = clientIP(true);
$draft = array('id' => $ID,
'prefix' => substr($_POST['prefix'], 0, -1),
'text' => $_POST['wikitext'],
'suffix' => $_POST['suffix'],
'date' => (int) $_POST['date'],
'prefix' => substr($INPUT->post->str('prefix'), 0, -1),
'text' => $INPUT->post->str('wikitext'),
'suffix' => $INPUT->post->str('suffix'),
'date' => $INPUT->post->int('date'),
'client' => $client,
);
$cname = getCacheName($draft['client'].$ID,'.draft');
......@@ -180,9 +183,10 @@ function ajax_draftdel(){
*/
function ajax_medians(){
global $conf;
global $INPUT;
// wanted namespace
$ns = cleanID($_POST['ns']);
$ns = cleanID($INPUT->post->str('ns'));
$dir = utf8_encodeFN(str_replace(':','/',$ns));
$lvl = count(explode(':',$ns));
......@@ -203,9 +207,10 @@ function ajax_medians(){
function ajax_medialist(){
global $conf;
global $NS;
global $INPUT;
$NS = cleanID($_POST['ns']);
if ($_POST['do'] == 'media') {
$NS = cleanID($INPUT->post->str('ns'));
if ($INPUT->post->str('do') == 'media') {
tpl_mediaFileList();
} else {
tpl_mediaContent(true);
......@@ -241,7 +246,7 @@ function ajax_mediadiff(){
global $INPUT;
if ($INPUT->has('image')) $image = cleanID($INPUT->str('image'));
$NS = $_POST['ns'];
$NS = $INPUT->post->str('ns');
$auth = auth_quickaclcheck("$NS:*");
media_diff($image, $NS, $auth, true);
}
......@@ -310,9 +315,10 @@ function dir_delete($path) {
*/
function ajax_index(){
global $conf;
global $INPUT;
// wanted namespace
$ns = cleanID($_POST['idx']);
$ns = cleanID($INPUT->post->str('idx'));
$dir = utf8_encodeFN(str_replace(':','/',$ns));
$lvl = count(explode(':',$ns));
......@@ -333,8 +339,9 @@ function ajax_index(){
function ajax_linkwiz(){
global $conf;
global $lang;
global $INPUT;
$q = ltrim(trim($_POST['q']),':');
$q = ltrim(trim($INPUT->post->str('q')),':');
$id = noNS($q);
$ns = getNS($q);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment