Misc/Fixes

* cast GET-params to lower case
 * fixed typo in constant name
 * fixed scope issue when aggregating sql stats
Sarjuuk
2018-12-02 14:23:53 +01:00
parent da1946df0f
commit 972a7f241e
3 changed files with 26 additions and 19 deletions


@@ -11,7 +11,7 @@ class AjaxProfile extends AjaxHandler
protected $_get = array( protected $_get = array(
'id' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkIdList'] ], 'id' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkIdList'] ],
'items' => [FILTER_CALLBACK, ['options' => 'AjaxProfile::checkItemList'] ], 'items' => [FILTER_CALLBACK, ['options' => 'AjaxProfile::checkItemList'] ],
'size' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_LOW_HIGH], 'size' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH],
'guild' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkEmptySet'] ], 'guild' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkEmptySet'] ],
'arena-team' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkEmptySet'] ], 'arena-team' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkEmptySet'] ],
'user' => [FILTER_CALLBACK, ['options' => 'AjaxProfile::checkUser'] ] 'user' => [FILTER_CALLBACK, ['options' => 'AjaxProfile::checkUser'] ]
@@ -28,11 +28,11 @@ class AjaxProfile extends AjaxHandler
'talenttree2' => [FILTER_SANITIZE_NUMBER_INT, null ], 'talenttree2' => [FILTER_SANITIZE_NUMBER_INT, null ],
'talenttree3' => [FILTER_SANITIZE_NUMBER_INT, null ], 'talenttree3' => [FILTER_SANITIZE_NUMBER_INT, null ],
'activespec' => [FILTER_SANITIZE_NUMBER_INT, null ], 'activespec' => [FILTER_SANITIZE_NUMBER_INT, null ],
'talentbuild1' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_LOW_HIGH ], 'talentbuild1' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH ],
'glyphs1' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_LOW_HIGH ], 'glyphs1' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH ],
'talentbuild2' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_LOW_HIGH ], 'talentbuild2' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH ],
'glyphs2' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_LOW_HIGH ], 'glyphs2' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH ],
'icon' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_LOW_HIGH ], 'icon' => [FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH ],
'description' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkFulltext'] ], 'description' => [FILTER_CALLBACK, ['options' => 'AjaxHandler::checkFulltext'] ],
'source' => [FILTER_SANITIZE_NUMBER_INT, null ], 'source' => [FILTER_SANITIZE_NUMBER_INT, null ],
'copy' => [FILTER_SANITIZE_NUMBER_INT, null ], 'copy' => [FILTER_SANITIZE_NUMBER_INT, null ],
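Review bot: The corrected flag mask now strips every byte above 0x7F from `size`, `icon`, `talentbuild1`, `glyphs1`, `talentbuild2` and `glyphs2`, whereas the misspelled constant presumably contributed nothing to the mask on PHP 7 (an undefined constant evaluates to a non-numeric string, which the bitwise OR treats as 0), so non-ASCII input in these fields is now silently truncated rather than rejected. FILTER_SANITIZE_STRING only strips tags and encodes quotes; it does not constrain the value to the shape the consumer expects, and it is deprecated as of PHP 8.1. For fields with a fixed format — the talent builds and glyph lists look like they should be numeric-only, though the encoding is not visible here — a validating filter fails closed instead of mangling the value, e.g. `'talentbuild1' => [FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^[0-9]*$/']]],` with the pattern adjusted to the real encoding. The `$_get` array continues outside both hunks.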


@@ -241,7 +241,7 @@ if (!CLI)
} }
// parse page-parameters .. sanitize before use! // parse page-parameters .. sanitize before use!
$str = explode('&', $_SERVER['QUERY_STRING'], 2)[0]; $str = explode('&', mb_strtolower($_SERVER['QUERY_STRING']), 2)[0];
$_ = explode('=', $str, 2); $_ = explode('=', $str, 2);
$pageCall = $_[0]; $pageCall = $_[0];
$pageParam = isset($_[1]) ? $_[1] : null; $pageParam = isset($_[1]) ? $_[1] : null;
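Review bot: The new `mb_strtolower()` on the whole query string lowercases the parameter value as well as the page name, so `$pageParam` loses case for any page whose first argument is case-sensitive, and the commit message only claims the intent to fold the page call. Lowercasing only the key keeps the value intact: leave the `$str` line as it was and change the assignment to `$pageCall = mb_strtolower($_[0]);`. Note also that `mb_strtolower` applies Unicode case mapping to whatever bytes arrive in `QUERY_STRING` (e.g. U+212A KELVIN SIGN folds to ASCII `k`), so if page names are ASCII-only, plain `strtolower()` is the narrower choice; either way the value still needs the sanitisation the comment above promises before it is used. The enclosing `if (!CLI)` block starts before this hunk.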


@@ -135,16 +135,17 @@ trait TrProfiler
{ {
$this->prepareContent(); $this->prepareContent();
$this->hasComContent = false;
$this->notFound = array( $this->notFound = array(
'title' => sprintf(Lang::profiler('firstUseTitle'), $this->subjectName, $this->realm), 'title' => sprintf(Lang::profiler('firstUseTitle'), $this->subjectName, $this->realm),
'msg' => '' 'msg' => ''
); );
$this->hasComContent = false;
Util::arraySumByKey($this->mysql, DB::Aowow()->getStatistics(), DB::World()->getStatistics());
if (isset($this->tabId)) if (isset($this->tabId))
$this->pageTemplate['activeTab'] = $this->tabId; $this->pageTemplate['activeTab'] = $this->tabId;
$this->sumSQLStats();
$this->display('text-page-generic'); $this->display('text-page-generic');
exit(); exit();
} }
@@ -399,7 +400,7 @@ class GenericPage
} }
$this->time = microtime(true) - $this->time; $this->time = microtime(true) - $this->time;
Util::arraySumByKey($this->mysql, DB::Aowow()->getStatistics(), DB::World()->getStatistics()); $this->sumSQLStats();
} }
public function addJS($name, $unshift = false) public function addJS($name, $unshift = false)
@@ -555,6 +556,11 @@ class GenericPage
header('Location: ?account=signin'.$next, true, 302); header('Location: ?account=signin'.$next, true, 302);
} }
protected function sumSQLStats()
{
Util::arraySumByKey($this->mysql, DB::Aowow()->getStatistics(), DB::World()->getStatistics());
}
/*******************/ /*******************/
/* Special Display */ /* Special Display */
/*******************/ /*******************/
@@ -563,16 +569,17 @@ class GenericPage
{ {
array_unshift($this->title, Lang::main('nfPageTitle')); array_unshift($this->title, Lang::main('nfPageTitle'));
$this->hasComContent = false;
$this->notFound = array( $this->notFound = array(
'title' => isset($this->typeId) ? Util::ucFirst($title).' #'.$this->typeId : $title, 'title' => isset($this->typeId) ? Util::ucFirst($title).' #'.$this->typeId : $title,
'msg' => !$msg && isset($this->typeId) ? sprintf(Lang::main('pageNotFound'), $title) : $msg 'msg' => !$msg && isset($this->typeId) ? sprintf(Lang::main('pageNotFound'), $title) : $msg
); );
$this->hasComContent = false;
Util::arraySumByKey($this->mysql, DB::Aowow()->getStatistics(), DB::World()->getStatistics());
if (isset($this->tabId)) if (isset($this->tabId))
$this->pageTemplate['activeTab'] = $this->tabId; $this->pageTemplate['activeTab'] = $this->tabId;
$this->sumSQLStats();
header('HTTP/1.0 404 Not Found', true, 404); header('HTTP/1.0 404 Not Found', true, 404);
$this->display('list-page-generic'); $this->display('list-page-generic');
@@ -590,7 +597,7 @@ class GenericPage
$this->addArticle(); $this->addArticle();
Util::arraySumByKey($this->mysql, DB::Aowow()->getStatistics(), DB::World()->getStatistics()); $this->sumSQLStats();
header('HTTP/1.0 404 Not Found', true, 404); header('HTTP/1.0 404 Not Found', true, 404);