The following warnings occurred:
Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.2.25 (Linux)
File Line Function
/global.php(961) : eval()'d code 26 errorHandler->error
/global.php 961 eval
/showthread.php 28 require_once





× This forum is read only. As of July 23, 2019, the UserSpice forums have been closed. To receive support, please join our Discord by clicking here. Thank you!
UserSpice   ›   Miscellaneous   ›   Modifications and Hackery   ›   input.php in 4.1.5 allows arrays, needs extended

  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
input.php in 4.1.5 allows arrays, needs extended
plb
User
Joined: Aug 2016
Posts: 120

Reputation: 0
#1
09-19-2016, 02:12 PM
Allowing arrays in Input.php was a nice addition - I had already done some stuff to work around that and can no go restructure my code to take advantage of US utilities...

However, I note that it only allows for the simplest <input type="x" name="myName[]" /> type of arrays. Going all recursive to handle multi-dimensional arrays is probably out of scope, but allowing indices that are either non-ordered numbers or even text (<input type="x" name="myName[first]" /> <input type="x" name="myName[last]" />) is trivial and is probably needed in a good 20-30{3bc1fe685386cc4c3ab89a3f76566d8931e181ad17f08aed9ad73b30bf28114d} of uses when people use arrays in input fields (according to my *very* rough guesstimate in my personal experience which may be wildly off-base).

I haven't run this code, but I think it will take care of it:

Code:
public static function get($item){
Code:
if (isset($_POST[$item])) {
Code:
/*
Code:
If the $_POST item is an array, process each item independently, and return array of sanitized items.
Code:
*/
Code:
if (is_array($_POST[$item])){
Code:
$postItems=array();
Code:
foreach ($_POST[$item] as $k => $postItem){
NOTE THE
Code:
$k =>
Code:
$postItems[$k]=self::sanitize($postItem);
NOTE THE
Code:
$k
Code:
}
Code:
return $postItems;
Code:
}else{
Code:
return self::sanitize($_POST[$item]);
Code:
}

} elseif(isset($_GET[$item])){
/*
If the $_GET item is an array, process each item independently, and return array of sanitized items.
*/
if (is_array($_GET[$item])){
$getItems=array();
foreach ($_GET[$item] as $getItem){
$getItems[]=self:Confusedanitize($getItem);
}
return $getItems;
}else{
return self:Confusedanitize($_GET[$item]);
}
}
return '';
}
  Website
  Reply
brian
User
Joined: Feb 2016
Posts: 311

Reputation: 0
#2
09-19-2016, 02:17 PM
Thanks for writing that, would you be able to test that out in a couple of days? There was only one place in the core UserSpice that used arrays for the forms and that's why the function was modified so that consistent use of Input::get() could be implemented.

I don't have the mindset right now for building a test form and stuff, so if you were able to test an example use case like what you described, then we'd be happy to implement it.
  Reply
plb
User
Joined: Aug 2016
Posts: 120

Reputation: 0
#3
09-19-2016, 06:56 PM
Testing is the bane of my existence (grin) but I kicked the tires enough to feel like it's working.

Here's my pastebin of the actual change (I re-factored the code and this is what I actually tested):
http://pastebin.com/MLKJN9bv

If you're interested here's the test I put together - nothing to speak of, but I think it did the job:
http://pastebin.com/m2F5w5v7

(Would you guys prefer getting these files uploaded to an online server so you could just download the file? I still feel really weird creating all these pastebins of the text of the entire file... I've got a couple domains I own and I could just upload them there and put the link to the download...?)
  Website
  Reply
brian
User
Joined: Feb 2016
Posts: 311

Reputation: 0
#4
09-19-2016, 07:24 PM
Well, right now the pastebins are easy to throw in the tracking table as a reference for a fix, so the pastebins work fairly well for that. As long as we know the context, then just the excerpt that changed should be sufficient. I will let @mudmin chime in to see what he says.
  Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)