Replaced [0-9] with \d
parent
915ce28fee
commit
740026a9de
|
@ -12,7 +12,7 @@ function shift_entry_add_controller()
|
|||
global $privileges, $user;
|
||||
|
||||
$shift_id = 0;
|
||||
if (isset($_REQUEST['shift_id']) && preg_match('/^[0-9]*$/', $_REQUEST['shift_id'])) {
|
||||
if (isset($_REQUEST['shift_id']) && preg_match('/^\d*$/', $_REQUEST['shift_id'])) {
|
||||
$shift_id = $_REQUEST['shift_id'];
|
||||
} else {
|
||||
redirect(page_link_to('user_shifts'));
|
||||
|
@ -32,7 +32,7 @@ function shift_entry_add_controller()
|
|||
}
|
||||
|
||||
$type_id = 0;
|
||||
if (isset($_REQUEST['type_id']) && preg_match('/^[0-9]*$/', $_REQUEST['type_id'])) {
|
||||
if (isset($_REQUEST['type_id']) && preg_match('/^\d*$/', $_REQUEST['type_id'])) {
|
||||
$type_id = $_REQUEST['type_id'];
|
||||
} else {
|
||||
redirect(page_link_to('user_shifts'));
|
||||
|
@ -64,7 +64,7 @@ function shift_entry_add_controller()
|
|||
|
||||
if (
|
||||
isset($_REQUEST['user_id'])
|
||||
&& preg_match('/^[0-9]*$/', $_REQUEST['user_id'])
|
||||
&& preg_match('/^\d*$/', $_REQUEST['user_id'])
|
||||
&& (
|
||||
in_array('user_shifts_admin', $privileges)
|
||||
|| in_array('shiftentry_edit_angeltype_supporter', $privileges)
|
||||
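Review bot: The `shift_id`, `type_id` and `user_id` checks in shift_entry_add_controller still accept an empty string and a value ending in a single newline, because `*` matches zero digits and `$` without the `D` modifier also matches before a final `\n`. If neither is meant to pass, `preg_match('/^\d+\z/', $_REQUEST['shift_id'])` closes both cases. The same `^\d*$` shape recurs in shift_delete_controller, admin_arrive, user_myshifts and test_request_int, and the `{32}$` key checks in shifts_json_export_controller, user_atom and user_ical share the `$` part. `isset()` is also true when the parameter arrives as an array, which preg_match() does not accept as a subject, so an `is_string()` test before the match would keep that case on the redirect path. The function body continues outside these hunks, so how `$shift_id` is used afterwards is not visible here.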
|
|
|
@ -78,7 +78,7 @@ function shift_edit_controller()
|
|||
$title = strip_request_item('title');
|
||||
|
||||
// Auswahl der sichtbaren Locations für die Schichten
|
||||
if (isset($_REQUEST['rid']) && preg_match('/^[0-9]+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
|
||||
if (isset($_REQUEST['rid']) && preg_match('/^\d+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
|
||||
$rid = $_REQUEST['rid'];
|
||||
} else {
|
||||
$valid = false;
|
||||
|
@ -192,7 +192,7 @@ function shift_delete_controller()
|
|||
}
|
||||
|
||||
// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
|
||||
if (!isset($_REQUEST['delete_shift']) || !preg_match('/^[0-9]*$/', $_REQUEST['delete_shift'])) {
|
||||
if (!isset($_REQUEST['delete_shift']) || !preg_match('/^\d*$/', $_REQUEST['delete_shift'])) {
|
||||
redirect(page_link_to('user_shifts'));
|
||||
}
|
||||
$shift_id = $_REQUEST['delete_shift'];
|
||||
|
@ -360,7 +360,7 @@ function shifts_json_export_controller()
|
|||
{
|
||||
global $user;
|
||||
|
||||
if (!isset($_REQUEST['key']) || !preg_match('/^[0-9a-f]{32}$/', $_REQUEST['key'])) {
|
||||
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
|
||||
engelsystem_error('Missing key.');
|
||||
}
|
||||
|
||||
|
|
|
@ -79,7 +79,7 @@ function shifttype_edit_controller()
|
|||
error(_('Please enter a name.'));
|
||||
}
|
||||
|
||||
if (isset($_REQUEST['angeltype_id']) && preg_match('/^[0-9]+$/', $_REQUEST['angeltype_id'])) {
|
||||
if (isset($_REQUEST['angeltype_id']) && preg_match('/^\d+$/', $_REQUEST['angeltype_id'])) {
|
||||
$angeltype_id = $_REQUEST['angeltype_id'];
|
||||
} else {
|
||||
$angeltype_id = null;
|
||||
|
|
|
@ -41,7 +41,7 @@ function Message_send($receiver_user_id, $text)
|
|||
global $user;
|
||||
|
||||
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
|
||||
$receiver_user_id = preg_replace('/([^0-9]{1,})/ui', '', strip_tags($receiver_user_id));
|
||||
$receiver_user_id = preg_replace('/([^\d]{1,})/ui', '', strip_tags($receiver_user_id));
|
||||
|
||||
if (
|
||||
($text != '' && is_numeric($receiver_user_id))
|
||||
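Review bot: In Message_send the new `'/([^\d]{1,})/ui'` is not equivalent to the old `[^0-9]` class, because the pattern carries the `u` modifier and PHP then matches `\d` against every Unicode decimal digit rather than only ASCII 0-9. Non-ASCII digits in `$receiver_user_id` are therefore no longer stripped; the `is_numeric()` test that follows should still reject them, but the filter now lets through more than it did before the change. Keeping the explicit class, `preg_replace('/[^0-9]+/', '', strip_tags($receiver_user_id))`, preserves the original behaviour. The other hunks in this commit use `\d` without `u` and are not affected in this way. The condition after `is_numeric()` continues outside the hunk.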
|
|
|
@ -33,7 +33,7 @@ function admin_active()
|
|||
if (isset($_REQUEST['set_active'])) {
|
||||
$valid = true;
|
||||
|
||||
if (isset($_REQUEST['count']) && preg_match('/^[0-9]+$/', $_REQUEST['count'])) {
|
||||
if (isset($_REQUEST['count']) && preg_match('/^\d+$/', $_REQUEST['count'])) {
|
||||
$count = strip_request_item('count');
|
||||
if ($count < $forced_count) {
|
||||
error(sprintf(
|
||||
|
@ -89,7 +89,7 @@ function admin_active()
|
|||
}
|
||||
}
|
||||
|
||||
if (isset($_REQUEST['active']) && preg_match('/^[0-9]+$/', $_REQUEST['active'])) {
|
||||
if (isset($_REQUEST['active']) && preg_match('/^\d+$/', $_REQUEST['active'])) {
|
||||
$user_id = $_REQUEST['active'];
|
||||
$user_source = User($user_id);
|
||||
if ($user_source != null) {
|
||||
|
@ -99,7 +99,7 @@ function admin_active()
|
|||
} else {
|
||||
$msg = error(_('Angel not found.'), true);
|
||||
}
|
||||
} elseif (isset($_REQUEST['not_active']) && preg_match('/^[0-9]+$/', $_REQUEST['not_active'])) {
|
||||
} elseif (isset($_REQUEST['not_active']) && preg_match('/^\d+$/', $_REQUEST['not_active'])) {
|
||||
$user_id = $_REQUEST['not_active'];
|
||||
$user_source = User($user_id);
|
||||
if ($user_source != null) {
|
||||
|
@ -109,7 +109,7 @@ function admin_active()
|
|||
} else {
|
||||
$msg = error(_('Angel not found.'), true);
|
||||
}
|
||||
} elseif (isset($_REQUEST['tshirt']) && preg_match('/^[0-9]+$/', $_REQUEST['tshirt'])) {
|
||||
} elseif (isset($_REQUEST['tshirt']) && preg_match('/^\d+$/', $_REQUEST['tshirt'])) {
|
||||
$user_id = $_REQUEST['tshirt'];
|
||||
$user_source = User($user_id);
|
||||
if ($user_source != null) {
|
||||
|
@ -119,7 +119,7 @@ function admin_active()
|
|||
} else {
|
||||
$msg = error('Angel not found.', true);
|
||||
}
|
||||
} elseif (isset($_REQUEST['not_tshirt']) && preg_match('/^[0-9]+$/', $_REQUEST['not_tshirt'])) {
|
||||
} elseif (isset($_REQUEST['not_tshirt']) && preg_match('/^\d+$/', $_REQUEST['not_tshirt'])) {
|
||||
$user_id = $_REQUEST['not_tshirt'];
|
||||
$user_source = User($user_id);
|
||||
if ($user_source != null) {
|
||||
|
|
|
@ -21,7 +21,7 @@ function admin_arrive()
|
|||
$search = strip_request_item('search');
|
||||
}
|
||||
|
||||
if (isset($_REQUEST['reset']) && preg_match('/^[0-9]*$/', $_REQUEST['reset'])) {
|
||||
if (isset($_REQUEST['reset']) && preg_match('/^\d*$/', $_REQUEST['reset'])) {
|
||||
$user_id = $_REQUEST['reset'];
|
||||
$user_source = User($user_id);
|
||||
if ($user_source != null) {
|
||||
|
@ -37,7 +37,7 @@ function admin_arrive()
|
|||
} else {
|
||||
$msg = error(_('Angel not found.'), true);
|
||||
}
|
||||
} elseif (isset($_REQUEST['arrived']) && preg_match('/^[0-9]*$/', $_REQUEST['arrived'])) {
|
||||
} elseif (isset($_REQUEST['arrived']) && preg_match('/^\d*$/', $_REQUEST['arrived'])) {
|
||||
$user_id = $_REQUEST['arrived'];
|
||||
$user_source = User($user_id);
|
||||
if ($user_source != null) {
|
||||
|
|
|
@ -53,7 +53,7 @@ function admin_groups()
|
|||
} else {
|
||||
switch ($_REQUEST['action']) {
|
||||
case 'edit':
|
||||
if (isset($_REQUEST['id']) && preg_match('/^-[0-9]{1,11}$/', $_REQUEST['id'])) {
|
||||
if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
|
||||
$group_id = $_REQUEST['id'];
|
||||
} else {
|
||||
return error('Incomplete call, missing Groups ID.', true);
|
||||
|
@ -99,7 +99,7 @@ function admin_groups()
|
|||
break;
|
||||
|
||||
case 'save':
|
||||
if (isset($_REQUEST['id']) && preg_match('/^-[0-9]{1,11}$/', $_REQUEST['id'])) {
|
||||
if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
|
||||
$group_id = $_REQUEST['id'];
|
||||
} else {
|
||||
return error('Incomplete call, missing Groups ID.', true);
|
||||
|
@ -114,7 +114,7 @@ function admin_groups()
|
|||
DB::delete('DELETE FROM `GroupPrivileges` WHERE `group_id`=?', [$group_id]);
|
||||
$privilege_names = [];
|
||||
foreach ($_REQUEST['privileges'] as $privilege) {
|
||||
if (preg_match('/^[0-9]{1,}$/', $privilege)) {
|
||||
if (preg_match('/^\d{1,}$/', $privilege)) {
|
||||
$group_privileges_source = DB::select(
|
||||
'SELECT `name` FROM `Privileges` WHERE `id`=? LIMIT 1',
|
||||
[$privilege]
|
||||
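Review bot: In the `save` branch of admin_groups, `foreach ($_REQUEST['privileges'] as $privilege)` iterates the request value without checking that it is set and is an array, and each element is handed to preg_match() without checking that it is a string. Unless a guard exists above the hunk, a malformed `privileges` field produces a warning, or a TypeError on PHP 8 for nested arrays, after the `DELETE FROM GroupPrivileges` on the preceding visible line has already run. Normalising first, `$requested = isset($_REQUEST['privileges']) && is_array($_REQUEST['privileges']) ? $_REQUEST['privileges'] : [];`, and adding `is_string($privilege) &&` in front of the match keeps the delete and re-insert consistent. The loop body continues outside the hunk.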
|
|
|
@ -14,7 +14,7 @@ function admin_news()
|
|||
}
|
||||
|
||||
$html = '<div class="col-md-12"><h1>' . _('Edit news entry') . '</h1>' . msg();
|
||||
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
|
||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
||||
$news_id = $_REQUEST['id'];
|
||||
} else {
|
||||
return error('Incomplete call, missing News ID.', true);
|
||||
|
|
|
@ -98,7 +98,7 @@ function admin_questions()
|
|||
} else {
|
||||
switch ($_REQUEST['action']) {
|
||||
case 'answer':
|
||||
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
|
||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
||||
$question_id = $_REQUEST['id'];
|
||||
} else {
|
||||
return error('Incomplete call, missing Question ID.', true);
|
||||
|
@ -139,7 +139,7 @@ function admin_questions()
|
|||
}
|
||||
break;
|
||||
case 'delete':
|
||||
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
|
||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
||||
$question_id = $_REQUEST['id'];
|
||||
} else {
|
||||
return error('Incomplete call, missing Question ID.', true);
|
||||
|
|
|
@ -112,7 +112,7 @@ function admin_rooms()
|
|||
foreach ($angeltypes as $angeltype_id => $angeltype) {
|
||||
if (
|
||||
isset($_REQUEST['angeltype_count_' . $angeltype_id])
|
||||
&& preg_match('/^[0-9]{1,4}$/', $_REQUEST['angeltype_count_' . $angeltype_id])
|
||||
&& preg_match('/^\d{1,4}$/', $_REQUEST['angeltype_count_' . $angeltype_id])
|
||||
) {
|
||||
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
|
||||
} else {
|
||||
|
|
|
@ -72,7 +72,7 @@ function admin_shifts()
|
|||
// Auswahl der sichtbaren Locations für die Schichten
|
||||
if (
|
||||
isset($_REQUEST['rid'])
|
||||
&& preg_match('/^[0-9]+$/', $_REQUEST['rid'])
|
||||
&& preg_match('/^\d+$/', $_REQUEST['rid'])
|
||||
&& isset($room_array[$_REQUEST['rid']])
|
||||
) {
|
||||
$rid = $_REQUEST['rid'];
|
||||
|
@ -105,7 +105,7 @@ function admin_shifts()
|
|||
if ($_REQUEST['mode'] == 'single') {
|
||||
$mode = 'single';
|
||||
} elseif ($_REQUEST['mode'] == 'multi') {
|
||||
if (isset($_REQUEST['length']) && preg_match('/^[0-9]+$/', trim($_REQUEST['length']))) {
|
||||
if (isset($_REQUEST['length']) && preg_match('/^\d+$/', trim($_REQUEST['length']))) {
|
||||
$mode = 'multi';
|
||||
$length = trim($_REQUEST['length']);
|
||||
} else {
|
||||
|
@ -115,7 +115,7 @@ function admin_shifts()
|
|||
} elseif ($_REQUEST['mode'] == 'variable') {
|
||||
if (
|
||||
isset($_REQUEST['change_hours'])
|
||||
&& preg_match('/^([0-9]{2}(,|$))/', trim(str_replace(' ', '', $_REQUEST['change_hours'])))
|
||||
&& preg_match('/^(\d{2}(,|$))/', trim(str_replace(' ', '', $_REQUEST['change_hours'])))
|
||||
) {
|
||||
$mode = 'variable';
|
||||
$change_hours = array_map('trim', explode(',', $_REQUEST['change_hours']));
|
||||
|
@ -137,7 +137,7 @@ function admin_shifts()
|
|||
foreach ($types as $type) {
|
||||
if (
|
||||
isset($_REQUEST['type_' . $type['id']])
|
||||
&& preg_match('/^[0-9]+$/', trim($_REQUEST['type_' . $type['id']]))
|
||||
&& preg_match('/^\d+$/', trim($_REQUEST['type_' . $type['id']]))
|
||||
) {
|
||||
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
|
||||
} else {
|
||||
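Review bot: In the `variable` mode branch of admin_shifts, `'/^(\d{2}(,|$))/'` is anchored only at the start, so it validates the first two-digit entry and accepts anything after the first comma. The check also runs on a copy of `change_hours` with spaces removed, while `explode(',', $_REQUEST['change_hours'])` two lines later splits the raw value. Validating the whole list on one normalised string, e.g. `$hours = str_replace(' ', '', trim($_REQUEST['change_hours']));` followed by `preg_match('/^\d{2}(,\d{2})*\z/', $hours)`, and exploding that same `$hours` keeps the check and the parsed values in step. Any later per-element validation would be outside the hunk.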
|
|
|
@ -155,7 +155,7 @@ function guest_register()
|
|||
if (isset($_REQUEST['prename'])) {
|
||||
$preName = strip_request_item('prename');
|
||||
}
|
||||
if (isset($_REQUEST['age']) && preg_match('/^[0-9]{0,4}$/', $_REQUEST['age'])) {
|
||||
if (isset($_REQUEST['age']) && preg_match('/^\d{0,4}$/', $_REQUEST['age'])) {
|
||||
$age = strip_request_item('age');
|
||||
}
|
||||
if (isset($_REQUEST['tel'])) {
|
||||
|
|
|
@ -9,7 +9,7 @@ function user_atom()
|
|||
{
|
||||
global $user, $display_news;
|
||||
|
||||
if (!isset($_REQUEST['key']) || !preg_match('/^[0-9a-f]{32}$/', $_REQUEST['key'])) {
|
||||
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
|
||||
engelsystem_error('Missing key.');
|
||||
}
|
||||
$key = $_REQUEST['key'];
|
||||
|
@ -48,7 +48,7 @@ function make_atom_entries_from_news($news_entries)
|
|||
<title>Engelsystem</title>
|
||||
<id>' . $_SERVER['HTTP_HOST']
|
||||
. htmlspecialchars(preg_replace(
|
||||
'#[&?]key=[a-f0-9]{32}#',
|
||||
'#[&?]key=[a-f\d]{32}#',
|
||||
'',
|
||||
$_SERVER['REQUEST_URI']
|
||||
))
|
||||
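Review bot: In make_atom_entries_from_news the `<id>` element concatenates `$_SERVER['HTTP_HOST']` into the feed unescaped; only the `REQUEST_URI` part passes through htmlspecialchars(). The Host header is supplied by the client, so it should be escaped the same way, e.g. `htmlspecialchars($_SERVER['HTTP_HOST'])`, or replaced by a configured site URL. The stripping pattern `'#[&?]key=[a-f\d]{32}#'` has no end boundary, so a longer hex value would lose only its first 32 characters; that matters little if user_atom has already rejected such keys, which its `{32}$` check suggests. The string continues outside the hunk.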
|
|
|
@ -7,7 +7,7 @@ function user_ical()
|
|||
{
|
||||
global $user;
|
||||
|
||||
if (!isset($_REQUEST['key']) || !preg_match('/^[0-9a-f]{32}$/', $_REQUEST['key'])) {
|
||||
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
|
||||
engelsystem_error('Missing key.');
|
||||
}
|
||||
$key = $_REQUEST['key'];
|
||||
|
|
|
@ -123,7 +123,7 @@ function user_messages()
|
|||
} else {
|
||||
switch ($_REQUEST['action']) {
|
||||
case 'read':
|
||||
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
|
||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
||||
$message_id = $_REQUEST['id'];
|
||||
} else {
|
||||
return error(_('Incomplete call, missing Message ID.'), true);
|
||||
|
@ -145,7 +145,7 @@ function user_messages()
|
|||
break;
|
||||
|
||||
case 'delete':
|
||||
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
|
||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
||||
$message_id = $_REQUEST['id'];
|
||||
} else {
|
||||
return error(_('Incomplete call, missing Message ID.'), true);
|
||||
|
|
|
@ -23,7 +23,7 @@ function user_myshifts()
|
|||
if (
|
||||
isset($_REQUEST['id'])
|
||||
&& in_array('user_shifts_admin', $privileges)
|
||||
&& preg_match('/^[0-9]{1,}$/', $_REQUEST['id'])
|
||||
&& preg_match('/^\d{1,}$/', $_REQUEST['id'])
|
||||
&& count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=?', [$_REQUEST['id']])) > 0
|
||||
) {
|
||||
$user_id = $_REQUEST['id'];
|
||||
|
@ -47,7 +47,7 @@ function user_myshifts()
|
|||
),
|
||||
button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger')
|
||||
]);
|
||||
} elseif (isset($_REQUEST['edit']) && preg_match('/^[0-9]*$/', $_REQUEST['edit'])) {
|
||||
} elseif (isset($_REQUEST['edit']) && preg_match('/^\d*$/', $_REQUEST['edit'])) {
|
||||
$user_id = $_REQUEST['edit'];
|
||||
$shift = DB::select('
|
||||
SELECT
|
||||
|
@ -129,7 +129,7 @@ function user_myshifts()
|
|||
} else {
|
||||
redirect(page_link_to('user_myshifts'));
|
||||
}
|
||||
} elseif (isset($_REQUEST['cancel']) && preg_match('/^[0-9]*$/', $_REQUEST['cancel'])) {
|
||||
} elseif (isset($_REQUEST['cancel']) && preg_match('/^\d*$/', $_REQUEST['cancel'])) {
|
||||
$user_id = $_REQUEST['cancel'];
|
||||
$shift = DB::select('
|
||||
SELECT *
|
||||
|
|
|
@ -35,7 +35,7 @@ function user_meetings()
|
|||
|
||||
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
|
||||
|
||||
if (isset($_REQUEST['page']) && preg_match('/^[0-9]{1,}$/', $_REQUEST['page'])) {
|
||||
if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
|
||||
$page = $_REQUEST['page'];
|
||||
} else {
|
||||
$page = 0;
|
||||
|
@ -120,7 +120,7 @@ function user_news_comments()
|
|||
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
|
||||
if (
|
||||
isset($_REQUEST['nid'])
|
||||
&& preg_match('/^[0-9]{1,}$/', $_REQUEST['nid'])
|
||||
&& preg_match('/^\d{1,}$/', $_REQUEST['nid'])
|
||||
&& count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$_REQUEST['nid']])) > 0
|
||||
) {
|
||||
$nid = $_REQUEST['nid'];
|
||||
|
@ -203,7 +203,7 @@ function user_news()
|
|||
redirect(page_link_to('news'));
|
||||
}
|
||||
|
||||
if (isset($_REQUEST['page']) && preg_match('/^[0-9]{1,}$/', $_REQUEST['page'])) {
|
||||
if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
|
||||
$page = $_REQUEST['page'];
|
||||
} else {
|
||||
$page = 0;
|
||||
|
|
|
@ -56,7 +56,7 @@ function user_questions()
|
|||
}
|
||||
break;
|
||||
case 'delete':
|
||||
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
|
||||
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
|
||||
$question_id = $_REQUEST['id'];
|
||||
} else {
|
||||
return error(_('Incomplete call, missing Question ID.'), true);
|
||||
|
|
|
@ -164,7 +164,7 @@ function strip_request_item($name, $default_value = null)
|
|||
function test_request_int($name)
|
||||
{
|
||||
if (isset($_REQUEST[$name])) {
|
||||
return preg_match('/^[0-9]*$/', $_REQUEST[$name]);
|
||||
return preg_match('/^\d*$/', $_REQUEST[$name]);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
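Review bot: test_request_int returns the raw preg_match() result, so callers receive `1`, `0`, or `false` on a regex error, while the fallback path returns boolean `false`. Returning `preg_match('/^\d*$/', $_REQUEST[$name]) === 1` gives a consistent bool without changing which inputs match. The function also has no docblock; one stating `@param string $name`, `@return bool` and that an empty parameter currently counts as an integer would make the contract explicit for callers.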
|
|
|
@ -30,7 +30,7 @@ if (!isset($_REQUEST['p'])) {
|
|||
|
||||
if (
|
||||
isset($_REQUEST['p'])
|
||||
&& preg_match('/^[a-z0-9_]*$/i', $_REQUEST['p'])
|
||||
&& preg_match('/^\w*$/i', $_REQUEST['p'])
|
||||
&& (
|
||||
in_array($_REQUEST['p'], $free_pages)
|
||||
|| (isset($privileges) && in_array($_REQUEST['p'], $privileges))
|
||||
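Review bot: The page-name check `'/^\w*$/i'` is not a strict equivalent of `[a-z0-9_]`: PHP documents `\w` as dependent on PCRE's character tables, so under a non-C `LC_CTYPE` locale it can also match bytes above 127. The `in_array()` lookups against `$free_pages` and `$privileges` that follow limit what gets through, but if `p` is later used to build a file or function name the explicit class is the safer allowlist; `'/^[a-z0-9_]+\z/i'` keeps it. The `i` modifier is redundant with `\w`, and passing `true` as the third argument to `in_array()` would make those comparisons strict. The condition continues outside the hunk.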
|
|