summaryrefslogtreecommitdiffstats
path: root/modules/baseconfig.inc.php
diff options
context:
space:
mode:
authorSimon Rettberg2013-10-31 12:38:25 +0100
committerSimon Rettberg2013-10-31 12:38:25 +0100
commita362ac12b119b49519f5af51b92ebb7d6e127b87 (patch)
treea2334426c8af99f864e2dd90c2f275e3ed50083a /modules/baseconfig.inc.php
parentRemodel zeug mit settings und so (diff)
downloadslx-admin-a362ac12b119b49519f5af51b92ebb7d6e127b87.tar.gz
slx-admin-a362ac12b119b49519f5af51b92ebb7d6e127b87.tar.xz
slx-admin-a362ac12b119b49519f5af51b92ebb7d6e127b87.zip
Comments, minor refactoring, possiblity to validate configuration parameters
Diffstat (limited to 'modules/baseconfig.inc.php')
-rw-r--r--modules/baseconfig.inc.php69
1 files changed, 46 insertions, 23 deletions
diff --git a/modules/baseconfig.inc.php b/modules/baseconfig.inc.php
index 58c6fa01..f6f4188f 100644
--- a/modules/baseconfig.inc.php
+++ b/modules/baseconfig.inc.php
@@ -3,43 +3,60 @@
User::load();
// Determine if we're setting global, distro or pool
-if (isset($_REQUEST['distro'])) {
+$qry_extra = array();
+if (isset($_REQUEST['distroid'])) {
// TODO: Everything
- $qry_insert = ', distroid';
- $qry_values = ', :distroid';
- $qry_distroid = (int)$_REQUEST['distro'];
- if (isset($_REQUEST['pool'])) {
- // TODO: Everything
- $qry_insert .= ', poolid';
- $qry_values .= ', :poolid';
- $qry_poolid .= (int)$_REQUEST['pool'];
+ $qry_extra[] = array(
+ 'name' => 'distroid',
+ 'value' => (int)$_REQUEST['distroid'],
+ 'table' => 'setting_distro',
+ );
+ if (isset($_REQUEST['poolid'])) {
+ $qry_extra[] = array(
+ 'name' => 'poolid',
+ 'value' => (int)$_REQUEST['poolid'],
+ 'table' => 'setting_pool',
+ );
}
-} else {
- $qry_insert = '';
- $qry_values = '';
- $qry_distroid = '';
- $qry_poolid = '';
}
if (isset($_POST['setting']) && is_array($_POST['setting'])) {
if (User::hasPermission('superadmin')) {
if (Util::verifyToken()) {
+ // Build variables for specific sub-settings
+ $qry_insert = '';
+ $qry_values = '';
+ foreach ($qry_extra as $item) {
+ $qry_insert = ', ' . $item['name'];
+ $qry_values = ', :' . $item['name'];
+ }
// Load all existing config options to validate input
$settings = array();
- $res = Database::simpleQuery('SELECT setting FROM setting');
+ $res = Database::simpleQuery('SELECT setting, validator FROM setting');
while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
- $settings[$row['setting']] = true; // will contain validation regex at some point
+ $settings[$row['setting']] = $row['validator'];
}
- foreach (array_keys($settings) as $key) {
- $value = (isset($_POST['setting'][$key]) ? $_POST['setting'][$key] : '');
- // use validation regex here
- Database::exec("INSERT INTO setting_global (setting, value $qry_insert) VALUES (:key, :value $qry_values) ON DUPLICATE KEY UPDATE value = :value", array(
- 'key' => $key,
- 'value' => $value,
- ));
+ foreach ($settings as $key => $validator) {
+ $input = (isset($_POST['setting'][$key]) ? $_POST['setting'][$key] : '');
+ // Validate data first!
+ $value = Validator::validate($validator, $input);
+ if ($value === false) {
+ Message::addWarning('value-invalid', $key, $input);
+ continue;
+ }
+ // Now put into DB
+ Database::exec("INSERT INTO setting_global (setting, value $qry_insert)
+ VALUES (:key, :value $qry_values)
+ ON DUPLICATE KEY UPDATE value = :value",
+ $qry_extra + array(
+ 'key' => $key,
+ 'value' => $value,
+ )
+ );
}
Message::addSuccess('settings-updated');
+ Util::redirect('?do=baseconfig');
}
}
}
@@ -50,6 +67,12 @@ function render_module()
Message::addError('no-permission');
return;
}
+ // Build left joins for specific settings
+ global $qry_extra;
+ $joins = '';
+ foreach ($qry_extra as $item) {
+ $joins .= " LEFT JOIN ${item['table']} ";
+ }
// List global config option
$settings = array();
$res = Database::simpleQuery('SELECT setting.setting, setting.defaultvalue, setting.permissions, setting.description, tbl.value