From: Nicolas Boisselier Date: Thu, 2 Jul 2015 23:29:15 +0000 (+0100) Subject: give up _REQUEST slowly X-Git-Url: https://git.nbdom.net/?a=commitdiff_plain;h=d69b98fcb6b5eb681cdc8d4579328ac456eb39ab;p=nb.git give up _REQUEST slowly --- diff --git a/lib/php/db.php b/lib/php/db.php index d01fba53..5f4410f9 100644 --- a/lib/php/db.php +++ b/lib/php/db.php @@ -8,7 +8,6 @@ *****************************************************************************/ require_once(dirname(__FILE__).'/functions.php'); if (!defined('DB_HTML_EDIT')) define('DB_HTML_EDIT','Edit'); -if (!defined('DEBUG')) define('DEBUG',0); class db { @@ -92,28 +91,27 @@ class db { } function tables() { - if (!$this->tables) { + if ($this->tables) return $this->tables; - if ($this->type == 'sqlite') { - $sql = "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%' ORDER BY name"; + if ($this->type == 'sqlite') { + $sql = "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%' ORDER BY name"; - } elseif ($this->type == 'pgsql') { - $sql = "SELECT table_name FROM information_schema.tables WHERE table_type in('BASE TABLE','LOCAL TEMPORARY') AND table_schema NOT IN ('pg_catalog', 'information_schema')"; + } elseif ($this->type == 'pgsql') { + $sql = "SELECT table_name FROM information_schema.tables WHERE table_type in('BASE TABLE','LOCAL TEMPORARY') AND table_schema NOT IN ('pg_catalog', 'information_schema')"; - } elseif ($this->type == 'mysql') { - $sql = "SHOW TABLES"; + } elseif ($this->type == 'mysql') { + $sql = "SHOW TABLES"; - } else { - err('db.tables(): Unknow db type: '.$this->type); - return array(); - } - - $rows = $this->conn->query($sql); - foreach ($rows as $row) { - $this->tables[] = current($row); - } + } else { + err('db.tables(): Unknow db type: '.$this->type); + return array(); + } + $rows = $this->conn->query($sql); + foreach ($rows as $row) { + $this->tables[] = current($row); } + return $this->tables; } 
@@ -149,13 +147,13 @@ EOF; function print_header($type) { - if ($_REQUEST['format']=='csv') { + if ($this->p('format')=='csv') { header('Content-type: text/plain'); - } elseif ($_REQUEST['format']=='yaml') { + } elseif ($this->p('format')=='yaml') { header('Content-type: text/yaml'); - } elseif ($_REQUEST['format']=='xml') { + } elseif ($this->p('format')=='xml') { header('Content-type: text/xml'); } else { @@ -168,7 +166,6 @@ EOF; function initParams($tables=null) { - if (empty($_REQUEST)) $_REQUEST = array(); if ($tables === null) $tables = $this->tables(); #$_REQUEST['table'] = @$_REQUEST['table'] ? preg_replace('/^([\w\d_-]+).*$/','\1',$_REQUEST['table']) : $tables[0]; @@ -200,13 +197,14 @@ EOF; #$count = $table->rowCount(); $r .= ''.PHP_EOL; } $r .= ''.PHP_EOL; $r .= ''.PHP_EOL; + $r .= '
'.PHP_EOL; return $r; @@ -218,7 +216,7 @@ EOF; #$count = $table->rowCount(); $r .= '
  • '; #$pretty = prettyText($table); - $r .= $table == @$_REQUEST['table'] ? "$table" : ''.$table.""; + $r .= $table == $this->p('table') ? "$table" : ''.$table.""; $r .= '
  • '.PHP_EOL; } @@ -231,6 +229,15 @@ EOF; } + /* + * Function: p + * Return a param + */ + function p($name=null,$default=null) { + if ($name === null) return isset($_REQUEST) ? $_REQUEST : array(); + return isset($_REQUEST[$name]) ? $_REQUEST[$name] : $default; + } + } class table { @@ -279,7 +286,7 @@ class table { * @param (array) */ function page($Page,$param=null) { - if ($param === null) $param = $_REQUEST; + if ($param === null) $param = $this->p(); elseif (!is_array($param)) $param = array('name' => $param); foreach (array( @@ -291,9 +298,9 @@ class table { #if ($Page->is('html')) $this->form_criterias(); - if (@$_REQUEST['format']) $this->print_header($_REQUEST['format']); - if (@$_REQUEST['format']) { - $this->rows(array('format' => @$_REQUEST['format'])); + if ($this->p('format')) $this->print_header($this->p('format')); + if ($this->p('format')) { + $this->rows(array('format' => $this->p('format'))); return 0; } @@ -310,7 +317,7 @@ class table { Rows */ if (@$this) $this->rows(array( - 'format' => @$_REQUEST['format'], + 'format' => $this->p('format'), )); // END @@ -399,14 +406,14 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog. } function url_edit($values=null,$sep='&') { - if ($values === null) $values = $_REQUEST; + if ($values === null) $values = $this->db->p(); $url_edit = array(); foreach ($this->fields_keys() as $name => $spec) { $url_edit[] = $name . '=' .urlencode($values[$name]); } - return $url_edit ? 'edit/?table='.$_REQUEST['table'].$sep.join($sep,$url_edit) : ''; + return $url_edit ? 'edit/?table='.$this->db->p('table').$sep.join($sep,$url_edit) : ''; } @@ -427,7 +434,7 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog. } function html_edit($values = null) { - if ($values === null) $values = $_REQUEST; + if ($values === null) $values = $this->db->p(); if (!is_array($values)) $values = array($values); $sql = "SELECT *" . $this->select_extras(); 
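Review bot: p() returns whatever is in `$_REQUEST` unchanged, which can include cookie values depending on `request_order`, and a value is an array when the client sends `name[]=...`, while the callers in this commit compare and concatenate the result as if it were always a string. Since every read now goes through this one method, it is the natural place to normalise, for example `$v = isset($_REQUEST[$name]) ? $_REQUEST[$name] : $default;` followed by `return is_scalar($v) ? $v : $default;`, assuming no parameter is meant to carry an array. The docblock should also state that calling it without a name returns the whole request array and that the values are unvalidated.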
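Review bot: `$this->p()` is called in page(), which the hunk header places inside `class table`, but the p() accessor added by this commit sits at the end of `class db`, and every other table method in the commit uses `$this->db->p()`. Unless table defines its own p() outside the visible hunks, this is a fatal call to an undefined method, and the same applies to the `$this->p('format')` calls in the -291 and -310 hunks. Suggested: `if ($param === null) $param = $this->db->p();`, with the format reads changed the same way and fetched once into a local, such as `$format = $this->db->p('format');`. page() starts before and ends after these hunks.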
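Review bot: In url_edit(), `'edit/?table='.$this->db->p('table')` places the raw request value in the URL, while the field values in the loop above go through urlencode(). If the returned string is printed into a link, the table parameter reaches the page unencoded; `'edit/?table='.urlencode($this->db->p('table'))` makes it consistent, and HTML escaping is still needed at the point where the URL is written out. `$values[$name]` is also read without checking that the key exists, which the old `$_REQUEST` default shared.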
@@ -461,7 +468,7 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog. echo '' .'
    ' .'' - .'' + .'' .'' .($_SERVER['HTTP_REFERER'] ? '' : '') .'
    '.PHP_EOL @@ -479,8 +486,8 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog. foreach (array_merge( $this->params, array_keys($this->fields()) ) as $f) { - if (@strcmp($_REQUEST[$f],'')==0) continue; - $params[$f] = $_REQUEST[$f]; + if (@strcmp($this->db->p($f),'')==0) continue; + $params[$f] = $this->db->p($f); } @@ -505,7 +512,7 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog. $html = ''; # Asc - $sel = ( @$_REQUEST['sort']=="$name asc") ? " sel" : ""; + $sel = ( $this->db->p('sort')=="$name asc") ? " sel" : ""; $html .= '' .'' .''; @@ -516,7 +523,7 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog. $html .= ' '; # Desc - $sel = ( @$_REQUEST['sort']=="$name desc") ? " sel" : ""; + $sel = ( $this->db->p('sort')=="$name desc") ? " sel" : ""; $html .= '' .'' .''; @@ -583,7 +590,7 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog. 'OR', ),array( 'html' => 'name="op"', - 'selected' => @$_REQUEST['op'], + 'selected' => $this->db->p('op'), )); $criteria[] = html_select_array(array( @@ -594,7 +601,7 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog. array('json','JSON'), ),array( 'html' => 'name="format"', - 'selected' => @$_REQUEST['format'], + 'selected' => $this->db->p('format'), )); $criteria[] = ''; @@ -731,7 +738,7 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog. // Select // $sql = "SELECT *" . $this->select_extras(); - $sql .= " FROM $this->name".$this->where_criterias($_REQUEST,@$_REQUEST['op']); + $sql .= " FROM $this->name".$this->where_criterias($this->db->p(),$this->db->p('op')); $this->sql = $sql; #$this->debug($sql); $this->debug($sql,1); 
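Review bot: In the -479 hunk the `@` on `strcmp($this->db->p($f),'')` no longer has an undefined index to silence, because p() already returns a default, so what it hides now is the case where the parameter is an array. On PHP 5 and 7 strcmp() then warns and returns NULL, which the loose `==0` treats as empty, and on PHP 8 it throws a TypeError that `@` does not suppress. Reading the value once and testing it explicitly is clearer: `$v = $this->db->p($f);` then `if (!is_string($v) || $v === '') continue;` then `$params[$f] = $v;`. The enclosing function starts and ends outside the hunk.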
@@ -749,10 +756,10 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog.
 $tot = $query->fetch();
 #if (!$tot) return;
- if (isset($_REQUEST['sort'])) $sql .= ' ORDER BY '.$_REQUEST['sort'];
+ if ($this->db->p('sort')) $sql .= ' ORDER BY '.$this->db->p('sort');
- if (isset($_REQUEST['limit'])) {
- $limit = $_REQUEST['limit'];
+ if ($this->db->p('limit')) {
+ $limit = $this->db->p('limit');
 $sql .= ' LIMIT '.$limit;
 } else {
 $limit = '';
@@ -770,7 +777,7 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog.
 if ($opt['is_html']) echo ''.PHP_EOL;
 $escape = preg_match('/^(table|row|xml)$/',$format) ? true : false;
- if (preg_match('/^(1)?$/',@$_REQUEST['header'])) echo $this->{"rows_begin_$format"}($opt);
+ if (preg_match('/^(1)?$/',$this->db->p('header'))) echo $this->{"rows_begin_$format"}($opt);
 $count = 0;
 while ($row = $st->fetch(PDO::FETCH_ASSOC, PDO::FETCH_ORI_NEXT)) {
@@ -793,7 +800,7 @@ FROM pg_catalog.pg_attribute a WHERE a.attrelid = (SELECT c.oid FROM pg_catalog.
 $count_fields++;
 /* only if in latin1
- if ($_REQUEST['format'] == 'csv') {
+ if ($this->db->p('format') == 'csv') {
 $row[$f] = utf8_encode($row[$f]);
 } elseif ($spec['extra']) {
 $row[$f] = htmlentities($row[$f]);
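Review bot: `' ORDER BY '.$this->db->p('sort')` and `' LIMIT '.$limit` in the -749 hunk still concatenate request parameters directly into the statement, so routing the reads through p() leaves the SQL injection in place. The sort links built in the -505 and -516 hunks only compare against `$name asc` and `$name desc`, so sort can be restricted to that shape and to known field names, and limit can be cast to an integer; the sketch below assumes fields() is keyed by column name, as the -479 hunk suggests. The change from isset() to a truthiness test also alters behaviour, since `limit=0` previously produced `LIMIT 0` and is now ignored. The -731 hunk passes the whole request and `op` to where_criterias(), whose body is not in this diff, so it should be checked for the same concatenation. The enclosing function starts and ends outside the hunk.

```php
// sort is expected as "<field> asc" or "<field> desc"; anything else is dropped
$sort = $this->db->p('sort');
if (is_string($sort)
	&& preg_match('/^(\w+) (asc|desc)$/', $sort, $m)
	&& array_key_exists($m[1], $this->fields())
) {
	$sql .= ' ORDER BY '.$m[1].' '.$m[2];
}

// limit is only ever a positive integer
$limit = (int)$this->db->p('limit');
if ($limit > 0) {
	$sql .= ' LIMIT '.$limit;
} else {
	$limit = '';
}
// … unchanged: rest of the row query and output …
```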