[ticket/12983] Correctly validate sorting options in the UCP

PHPBB3-12983
Joas Schilling 2014-09-05 13:24:31 +02:00
parent 10c99b3c2b
commit b9cb3b9e3e
2 changed files with 22 additions and 6 deletions


@ -223,11 +223,11 @@ class ucp_prefs
$data = array(
'topic_sk' => request_var('topic_sk', (!empty($user->data['user_topic_sortby_type'])) ? $user->data['user_topic_sortby_type'] : 't'),
'topic_sd' => request_var('topic_sd', (!empty($user->data['user_topic_sortby_dir'])) ? $user->data['user_topic_sortby_dir'] : 'd'),
'topic_st' => request_var('topic_st', (!empty($user->data['user_topic_show_days'])) ? $user->data['user_topic_show_days'] : 0),
'topic_st' => request_var('topic_st', (!empty($user->data['user_topic_show_days'])) ? (int) $user->data['user_topic_show_days'] : 0),
'post_sk' => request_var('post_sk', (!empty($user->data['user_post_sortby_type'])) ? $user->data['user_post_sortby_type'] : 't'),
'post_sd' => request_var('post_sd', (!empty($user->data['user_post_sortby_dir'])) ? $user->data['user_post_sortby_dir'] : 'a'),
'post_st' => request_var('post_st', (!empty($user->data['user_post_show_days'])) ? $user->data['user_post_show_days'] : 0),
'post_st' => request_var('post_st', (!empty($user->data['user_post_show_days'])) ? (int) $user->data['user_post_show_days'] : 0),
'images' => request_var('images', (bool) $user->optionget('viewimg')),
'flash' => request_var('flash', (bool) $user->optionget('viewflash')),
@ -254,10 +254,22 @@ class ucp_prefs
if ($submit)
{
$error = validate_data($data, array(
'topic_sk' => array('string', false, 1, 1),
'topic_sd' => array('string', false, 1, 1),
'post_sk' => array('string', false, 1, 1),
'post_sd' => array('string', false, 1, 1),
'topic_sk' => array(
array('string', false, 1, 1),
array('match', false, '#(a|r|s|t|v)#'),
),
'topic_sd' => array(
array('string', false, 1, 1),
array('match', false, '#(a|d)#'),
),
'post_sk' => array(
array('string', false, 1, 1),
array('match', false, '#(a|s|t)#'),
),
'post_sd' => array(
array('string', false, 1, 1),
array('match', false, '#(a|d)#'),
),
));
if (!check_form_key('ucp_prefs_view'))
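Review bot: The four `match` patterns added to the validate_data() call are unanchored, so `#(a|r|s|t|v)#` on its own accepts any value that merely contains one of those letters; the allow-list holds only because each pattern is paired with the `array('string', false, 1, 1)` length rule (assuming validate_data applies both rules to the value, which this page does not show). Anchoring makes each rule self-sufficient and keeps it safe if the length rule is ever relaxed: `array('match', false, '#\A[arstv]\z#'),` for topic_sk, `'#\A[ast]\z#'` for post_sk and `'#\A[ad]\z#'` for both direction fields. A one-line comment above the array saying that these letters must stay in sync with the sort keys offered in the preferences form (presumably defined elsewhere in the file) would help the next maintainer. The enclosing method starts and ends outside this hunk.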


@ -864,6 +864,10 @@ $lang = array_merge($lang, array(
'WRONG_DATA_COLOUR' => 'The colour value you entered is invalid.',
'WRONG_DATA_JABBER' => 'The name you entered is not a valid Jabber account name.',
'WRONG_DATA_LANG' => 'The language you specified is not valid.',
'WRONG_DATA_POST_SD' => 'The post sort direction you specified is not valid.',
'WRONG_DATA_POST_SK' => 'The post sort option you specified is not valid.',
'WRONG_DATA_TOPIC_SD' => 'The topic sort direction you specified is not valid.',
'WRONG_DATA_TOPIC_SK' => 'The topic sort option you specified is not valid.',
'WROTE' => 'wrote',
'YAHOO' => 'Yahoo Messenger',