Changeset 901 for trunk/Modules


Timestamp:
Oct 2, 2024, 10:31:47 PM (3 months ago)
Author:
chronos
Message:
  • Fixed: More integer URL parameters checking.
  • Modified: More explicit function types.
Location:
trunk/Modules
Files:
3 edited

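--- a/trunk/Modules/ClientVersion/ClientVersion.php
+++ b/trunk/Modules/ClientVersion/ClientVersion.php
@@ -39,34 +39,37 @@
   }
 
-  function ShowItem()
+  function ShowItem(): string
   {
-    if (array_key_exists('id', $_GET))
+    $Id = 0;
+    if (TryGetUrlParameterInt('id', $Id))
     {
       $YesNo = array('Ne', 'Ano');
-      $DbResult = $this->System->Database->query('SELECT * FROM `ClientVersion` WHERE `Id`='.($_GET['id']*1));
+      $DbResult = $this->System->Database->query('SELECT * FROM `ClientVersion` WHERE `Id`='.$Id);
       if ($DbResult->num_rows > 0)
       {
         $Version = $DbResult->fetch_assoc();
 
-      $Output = '<h3>'.T('Client version').'</h3>';
-      $Output .= '<table class="BaseTable">'.
-        '<tr><td>'.T('Version').'</td><td>'.$Version['Version'].'</td></tr>'.
-        '<tr><td>'.T('More information').'</td><td><a href="http://www.wowwiki.com/Patch_'.$Version['Version'].'">wowwiki.com'.
-        '</a></td></tr>'.
-        '<tr><td>'.T('Build number').'</td><td>'.$Version['BuildNumber'].'</td></tr>'.
-        '<tr><td>'.T('Release date').'</td><td>'.HumanDate($Version['ReleaseDate']).'</td></tr>'.
-        '<tr><td>'.T('Title').'</td><td>'.$Version['Title'].'</td></tr>'.
-        '<tr><td>'.T('Imported').'</td><td>'.$YesNo[$Version['Imported']].'</td></tr>'.
-        '</table>';
+        $Output = '<h3>'.T('Client version').'</h3>';
+        $Output .= '<table class="BaseTable">'.
+          '<tr><td>'.T('Version').'</td><td>'.$Version['Version'].'</td></tr>'.
+          '<tr><td>'.T('More information').'</td><td><a href="http://www.wowwiki.com/Patch_'.$Version['Version'].'">wowwiki.com'.
+          '</a></td></tr>'.
+          '<tr><td>'.T('Build number').'</td><td>'.$Version['BuildNumber'].'</td></tr>'.
+          '<tr><td>'.T('Release date').'</td><td>'.HumanDate($Version['ReleaseDate']).'</td></tr>'.
+          '<tr><td>'.T('Title').'</td><td>'.$Version['Title'].'</td></tr>'.
+          '<tr><td>'.T('Imported').'</td><td>'.$YesNo[$Version['Imported']].'</td></tr>'.
+          '</table>';
         $Output .= '<div><a href="?">'.T('All versions list').'</a></div>';
         if ($Version['Imported'])
+        {
           $Output .= '<div><a href="'.$this->System->Link('/progress/?Version='.
             $Version['Version']).'">'.T('Progress').'</a></div>';
+        }
       } else $Output = ShowMessage(T('Item not found'), MESSAGE_CRITICAL);
-    } else $Output = ShowMessage(T('Item not found'), MESSAGE_CRITICAL);
+    } else $Output = ShowMessage(T('Id not valid'), MESSAGE_CRITICAL);
     return $Output;
   }
 
-  function ShowList()
+  function ShowList(): string
   {
     $this->Title = T('Game version');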
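Review bot: The table rows at new lines 54–60 of ShowItem() write `$Version['Version']`, `$Version['BuildNumber']` and `$Version['Title']` into the page without HTML escaping, so any markup stored in the `ClientVersion` table is rendered as-is; the commit re-indents these lines but leaves that unchanged. Whether those columns can only ever hold trusted plain text is not visible here, so escaping at output is the safer default, e.g. `'<tr><td>'.T('Title').'</td><td>'.htmlspecialchars($Version['Title'], ENT_QUOTES).'</td></tr>'.` and likewise for the other rows. The `Patch_` link at line 55 places the same value inside an `href` attribute and should be URL-encoded there.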
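--- a/trunk/Modules/News/News.php
+++ b/trunk/Modules/News/News.php
@@ -97,5 +97,5 @@
     $Output .= '<div class="shoutbox">';
     $DbResult = $this->System->Database->query('SELECT `News`.`Time`, `News`.`Text`, `News`.`Title`, `News`.`Id`, '.
-        '`User`.`Name` AS `User` FROM `News` JOIN `User` ON `User`.`Id`=`News`.`User` ORDER BY `News`.`Time` DESC '.$PageList['SQLLimit']);
+      '`User`.`Name` AS `User` FROM `News` JOIN `User` ON `User`.`Id`=`News`.`User` ORDER BY `News`.`Time` DESC '.$PageList['SQLLimit']);
     while ($Line = $DbResult->fetch_assoc())
     {
@@ -108,9 +108,10 @@
   function ShowItem()
   {
-    if (array_key_exists('i', $_GET))
+    $Id = 0;
+    if (TryGetUrlParameterInt('i', $Id))
     {
       $Output = '<h3>'.T('News').'</h3>';
       $DbResult = $this->System->Database->query('SELECT `News`.`Time`, `News`.`Text`, `News`.`Title`, `News`.`Id`, '.
-        '`User`.`Name` AS `User` FROM `News` JOIN `User` ON `User`.`Id`=`News`.`User` WHERE `News`.`Id` = '.($_GET['i'] * 1));
+        '`User`.`Name` AS `User` FROM `News` JOIN `User` ON `User`.`Id`=`News`.`User` WHERE `News`.`Id` = '.$Id);
       if ($DbResult->num_rows == 1)
       {
@@ -118,5 +119,5 @@
         $Output .= '<h4>'.$Line['Title'].' ('.HumanDate($Line['Time']).')</h4><div>'.$Line['Text'].' ('.$Line['User'].')</div>';
       } else $Output = ShowMessage(T('Item not found'), MESSAGE_CRITICAL);
-    } else $Output = ShowMessage(T('Item not found'), MESSAGE_CRITICAL);
+    } else $Output = ShowMessage(T('Id not valid'), MESSAGE_CRITICAL);
     $Output .= '<br/><a href="'.$this->System->Link('/news/').'">'.T('All news').'</a>';
     return $Output;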
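Review bot: The query at new lines 114–115 of ShowItem() is still built by string concatenation, so its safety now depends entirely on TryGetUrlParameterInt() always leaving `$Id` an integer, and that helper is defined outside this changeset. The removed `($_GET['i'] * 1)` at least forced a numeric value at the point of use. Keeping the guarantee local costs one cast, ending the statement with `'.(int)$Id);` instead of `'.$Id);`; a bound parameter would be better still if the Database wrapper offers one. The same applies to `$Id` at line 47 of ClientVersion.php.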
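--- a/trunk/Modules/Translation/Form.php
+++ b/trunk/Modules/Translation/Form.php
@@ -30,7 +30,7 @@
       else $Action = '';
 
-    if (array_key_exists('ID', $_GET))
+    $TextID = 0;
+    if (TryGetUrlParameterInt('ID', $TextID))
     {
-      $TextID = $_GET['ID'] * 1;
       $this->ID = $TextID;
 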