diff options
| author | Simon Rettberg | 2013-10-31 12:38:25 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2013-10-31 12:38:25 +0100 |
| commit | a362ac12b119b49519f5af51b92ebb7d6e127b87 (patch) | |
| tree | a2334426c8af99f864e2dd90c2f275e3ed50083a /modules/baseconfig.inc.php | |
| parent | Remodel zeug mit settings und so (diff) | |
| download | slx-admin-a362ac12b119b49519f5af51b92ebb7d6e127b87.tar.gz slx-admin-a362ac12b119b49519f5af51b92ebb7d6e127b87.tar.xz slx-admin-a362ac12b119b49519f5af51b92ebb7d6e127b87.zip | |
Comments, minor refactoring, possiblity to validate configuration parameters
Diffstat (limited to 'modules/baseconfig.inc.php')
| -rw-r--r-- | modules/baseconfig.inc.php | 69 |
1 files changed, 46 insertions, 23 deletions
diff --git a/modules/baseconfig.inc.php b/modules/baseconfig.inc.php index 58c6fa01..f6f4188f 100644 --- a/modules/baseconfig.inc.php +++ b/modules/baseconfig.inc.php @@ -3,43 +3,60 @@ User::load(); // Determine if we're setting global, distro or pool -if (isset($_REQUEST['distro'])) { +$qry_extra = array(); +if (isset($_REQUEST['distroid'])) { // TODO: Everything - $qry_insert = ', distroid'; - $qry_values = ', :distroid'; - $qry_distroid = (int)$_REQUEST['distro']; - if (isset($_REQUEST['pool'])) { - // TODO: Everything - $qry_insert .= ', poolid'; - $qry_values .= ', :poolid'; - $qry_poolid .= (int)$_REQUEST['pool']; + $qry_extra[] = array( + 'name' => 'distroid', + 'value' => (int)$_REQUEST['distroid'], + 'table' => 'setting_distro', + ); + if (isset($_REQUEST['poolid'])) { + $qry_extra[] = array( + 'name' => 'poolid', + 'value' => (int)$_REQUEST['poolid'], + 'table' => 'setting_pool', + ); } -} else { - $qry_insert = ''; - $qry_values = ''; - $qry_distroid = ''; - $qry_poolid = ''; } if (isset($_POST['setting']) && is_array($_POST['setting'])) { if (User::hasPermission('superadmin')) { if (Util::verifyToken()) { + // Build variables for specific sub-settings + $qry_insert = ''; + $qry_values = ''; + foreach ($qry_extra as $item) { + $qry_insert = ', ' . $item['name']; + $qry_values = ', :' . $item['name']; + } // Load all existing config options to validate input $settings = array(); - $res = Database::simpleQuery('SELECT setting FROM setting'); + $res = Database::simpleQuery('SELECT setting, validator FROM setting'); while ($row = $res->fetch(PDO::FETCH_ASSOC)) { - $settings[$row['setting']] = true; // will contain validation regex at some point + $settings[$row['setting']] = $row['validator']; } - foreach (array_keys($settings) as $key) { - $value = (isset($_POST['setting'][$key]) ? $_POST['setting'][$key] : ''); - // use validation regex here - Database::exec("INSERT INTO setting_global (setting, value $qry_insert) VALUES (:key, :value $qry_values) ON DUPLICATE KEY UPDATE value = :value", array( - 'key' => $key, - 'value' => $value, - )); + foreach ($settings as $key => $validator) { + $input = (isset($_POST['setting'][$key]) ? $_POST['setting'][$key] : ''); + // Validate data first! + $value = Validator::validate($validator, $input); + if ($value === false) { + Message::addWarning('value-invalid', $key, $input); + continue; + } + // Now put into DB + Database::exec("INSERT INTO setting_global (setting, value $qry_insert) + VALUES (:key, :value $qry_values) + ON DUPLICATE KEY UPDATE value = :value", + $qry_extra + array( + 'key' => $key, + 'value' => $value, + ) + ); } Message::addSuccess('settings-updated'); + Util::redirect('?do=baseconfig'); } } } @@ -50,6 +67,12 @@ function render_module() Message::addError('no-permission'); return; } + // Build left joins for specific settings + global $qry_extra; + $joins = ''; + foreach ($qry_extra as $item) { + $joins .= " LEFT JOIN ${item['table']} "; + } // List global config option $settings = array(); $res = Database::simpleQuery('SELECT setting.setting, setting.defaultvalue, setting.permissions, setting.description, tbl.value |