joshuacoles/wallos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Refactor input validation

Browse Source
This commit is contained in:
Miguel Ribeiro 2024-02-10 14:17:19 +01:00
parent 048bf2d0aa
commit e075714d12
6 changed files with 24 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
endpoints/categories/category.php
View File

@ -1,13 +1,9 @@
<?php <?php
require_once '../../includes/connect_endpoint.php'; require_once '../../includes/connect_endpoint.php';
require_once '../../includes/inputvalidation.php';
session_start(); session_start();
function validate($value) {
$value = trim($value);
$value = stripslashes($value);
$value = htmlspecialchars($value);
$value = htmlentities($value);
return $value;
}
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) { if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
if (isset($_GET['action']) && $_GET['action'] == "add") { if (isset($_GET['action']) && $_GET['action'] == "add") {
$categoryName = "Category"; $categoryName = "Category";

10
endpoints/currency/currency.php
View File

@ -1,13 +1,9 @@
<?php <?php
require_once '../../includes/connect_endpoint.php'; require_once '../../includes/connect_endpoint.php';
require_once '../../includes/inputvalidation.php';
session_start(); session_start();
function validate($value) {
$value = trim($value);
$value = stripslashes($value);
$value = htmlspecialchars($value);
$value = htmlentities($value);
return $value;
}
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) { if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
if (isset($_GET['action']) && $_GET['action'] == "add") { if (isset($_GET['action']) && $_GET['action'] == "add") {
$currencyName = "Currency"; $currencyName = "Currency";

10
endpoints/household/household.php
View File

@ -1,13 +1,9 @@
<?php <?php
require_once '../../includes/connect_endpoint.php'; require_once '../../includes/connect_endpoint.php';
require_once '../../includes/inputvalidation.php';
session_start(); session_start();
function validate($value) {
$value = trim($value);
$value = stripslashes($value);
$value = htmlspecialchars($value);
$value = htmlentities($value);
return $value;
}
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) { if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
if (isset($_GET['action']) && $_GET['action'] == "add") { if (isset($_GET['action']) && $_GET['action'] == "add") {
$householdName = "Member"; $householdName = "Member";

9
endpoints/subscription/add.php
View File

@ -1,6 +1,8 @@
<?php <?php
error_reporting(E_ERROR | E_PARSE); error_reporting(E_ERROR | E_PARSE);
require_once '../../includes/connect_endpoint.php'; require_once '../../includes/connect_endpoint.php';
require_once '../../includes/inputvalidation.php';
session_start(); session_start();
function sanitizeFilename($filename) { function sanitizeFilename($filename) {
@ -9,13 +11,6 @@
return $filename; return $filename;
} }
function validate($value) {
$value = trim($value);
$value = stripslashes($value);
$value = htmlspecialchars($value);
$value = htmlentities($value);
return $value;
}
function getLogoFromUrl($url, $uploadDir, $name) { function getLogoFromUrl($url, $uploadDir, $name) {
$ch = curl_init($url); $ch = curl_init($url);

10
endpoints/user/save_user.php
View File

@ -1,14 +1,8 @@
<?php <?php
require_once '../../includes/connect_endpoint.php'; require_once '../../includes/connect_endpoint.php';
session_start(); require_once '../../includes/inputvalidation.php';
function validate($value) { session_start();
$value = trim($value);
$value = stripslashes($value);
$value = htmlspecialchars($value);
$value = htmlentities($value);
return $value;
}
function update_exchange_rate($db) { function update_exchange_rate($db) {
$query = "SELECT api_key FROM fixer"; $query = "SELECT api_key FROM fixer";

11
includes/inputvalidation.php Normal file
View File

@ -0,0 +1,11 @@
<?php
function validate($value) {
$value = trim($value);
$value = stripslashes($value);
$value = htmlspecialchars($value);
$value = htmlentities($value);
return $value;
}
?>