mirror of
https://github.com/Sarjuuk/aowow.git
synced 2025-11-29 15:58:16 +08:00
99fdad29dd
* separated into appropriate subclasses * unified sanitizing of $_GET and $_POST data using build in filter_input() * index now always tries to resolve page calls with ajaxHandler first and as a page last minor bug-fixes to bugs that wre not reported yet, because they didn't occur yet (e.g.: nobody tried to compose a comment with >7500 characters yet)
37 lines
1006 B
PHP
37 lines
1006 B
PHP
<?php
|
|
|
|
if (!defined('AOWOW_REVISION'))
|
|
die('invalid access');
|
|
|
|
class AjaxCookie extends AjaxHandler
|
|
{
|
|
public function __construct(array $params)
|
|
{
|
|
// note that parent::__construct has to come after this
|
|
if (!$params || !User::$id)
|
|
return;
|
|
|
|
$this->_get = array(
|
|
this->params[0] => [FILTER_SANITIZE_STRING, 0xC], // FILTER_FLAG_STRIP_LOW | *_HIGH
|
|
);
|
|
|
|
// NOW we know, what to expect and sanitize
|
|
parent::__construct($params);
|
|
|
|
// always this one
|
|
$this->handler = 'handleCookie';
|
|
}
|
|
|
|
/* responses
|
|
0: success
|
|
$: silent error
|
|
*/
|
|
protected function handleCookie()
|
|
{
|
|
if (User::$id && $this->params && $this->_get[$this->params[0]])
|
|
if (DB::Aowow()->query('REPLACE INTO ?_account_cookies VALUES (?d, ?, ?)', User::$id, $this->params[0], $this->_get[$this->params[0]]))
|
|
return 0;
|
|
|
|
return null;
|
|
}
|
|
} |