The following warnings occurred:
Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.2.25 (Linux)
File Line Function
/global.php(961) : eval()'d code 26 errorHandler->error
/global.php 961 eval
/printthread.php 16 require_once



UserSpice
input.php in 4.1.5 allows arrays, needs extended - Printable Version

+- UserSpice (https://userspice.com/forums)
+-- Forum: Miscellaneous (https://userspice.com/forums/forumdisplay.php?fid=28)
+--- Forum: Modifications and Hackery (https://userspice.com/forums/forumdisplay.php?fid=29)
+--- Thread: input.php in 4.1.5 allows arrays, needs extended (/showthread.php?tid=275)



input.php in 4.1.5 allows arrays, needs extended - plb - 09-19-2016

Allowing arrays in Input.php was a nice addition - I had already done some stuff to work around that and can no go restructure my code to take advantage of US utilities...

However, I note that it only allows for the simplest <input type="x" name="myName[]" /> type of arrays. Going all recursive to handle multi-dimensional arrays is probably out of scope, but allowing indices that are either non-ordered numbers or even text (<input type="x" name="myName[first]" /> <input type="x" name="myName[last]" />) is trivial and is probably needed in a good 20-30{3bc1fe685386cc4c3ab89a3f76566d8931e181ad17f08aed9ad73b30bf28114d} of uses when people use arrays in input fields (according to my *very* rough guesstimate in my personal experience which may be wildly off-base).

I haven't run this code, but I think it will take care of it:

Code:
public static function get($item){
Code:
if (isset($_POST[$item])) {
Code:
/*
Code:
If the $_POST item is an array, process each item independently, and return array of sanitized items.
Code:
*/
Code:
if (is_array($_POST[$item])){
Code:
$postItems=array();
Code:
foreach ($_POST[$item] as $k => $postItem){
NOTE THE
Code:
$k =>
Code:
$postItems[$k]=self::sanitize($postItem);
NOTE THE
Code:
$k
Code:
}
Code:
return $postItems;
Code:
}else{
Code:
return self::sanitize($_POST[$item]);
Code:
}

} elseif(isset($_GET[$item])){
/*
If the $_GET item is an array, process each item independently, and return array of sanitized items.
*/
if (is_array($_GET[$item])){
$getItems=array();
foreach ($_GET[$item] as $getItem){
$getItems[]=self:Confusedanitize($getItem);
}
return $getItems;
}else{
return self:Confusedanitize($_GET[$item]);
}
}
return '';
}



input.php in 4.1.5 allows arrays, needs extended - brian - 09-19-2016

Thanks for writing that, would you be able to test that out in a couple of days? There was only one place in the core UserSpice that used arrays for the forms and that's why the function was modified so that consistent use of Input::get() could be implemented.

I don't have the mindset right now for building a test form and stuff, so if you were able to test an example use case like what you described, then we'd be happy to implement it.


input.php in 4.1.5 allows arrays, needs extended - plb - 09-19-2016

Testing is the bane of my existence (grin) but I kicked the tires enough to feel like it's working.

Here's my pastebin of the actual change (I re-factored the code and this is what I actually tested):
http://pastebin.com/MLKJN9bv

If you're interested here's the test I put together - nothing to speak of, but I think it did the job:
http://pastebin.com/m2F5w5v7

(Would you guys prefer getting these files uploaded to an online server so you could just download the file? I still feel really weird creating all these pastebins of the text of the entire file... I've got a couple domains I own and I could just upload them there and put the link to the download...?)


input.php in 4.1.5 allows arrays, needs extended - brian - 09-19-2016

Well, right now the pastebins are easy to throw in the tracking table as a reference for a fix, so the pastebins work fairly well for that. As long as we know the context, then just the excerpt that changed should be sufficient. I will let @mudmin chime in to see what he says.