From a2cfd0c8cea18861ad20f7eb535a98394f9239ff Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 13 Jul 2016 16:59:21 +0200 Subject: [statistics] Change delimiter to something more unusual, add captions for filter options --- modules-available/statistics/inc/filter.inc.php | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'modules-available/statistics/inc/filter.inc.php') diff --git a/modules-available/statistics/inc/filter.inc.php b/modules-available/statistics/inc/filter.inc.php index 0f1a0d20..a3f1cbb5 100644 --- a/modules-available/statistics/inc/filter.inc.php +++ b/modules-available/statistics/inc/filter.inc.php @@ -4,9 +4,15 @@ * WARNING: argument is escaped, but $column and $operator are passed unfiltered into SQL */ class Filter { + /** + * Delimiter for js_selectize filters + */ + const DELIMITER = '~,~'; + public $column; public $operator; public $argument; + public function __construct($column, $operator, $argument = null) { $this->column = trim($column); @@ -40,11 +46,11 @@ class Filter { $operators = ['<=', '>=', '!=', '!~', '=', '~', '<', '>']; $filters = []; - foreach (explode(',', $query) as $q) { + foreach (explode(self::DELIMITER, $query) as $q) { $q = trim($q); /* find position of first operator */ $pos = 10000; - $operator; + $operator = false; foreach ($operators as $op) { $newpos = strpos($q, $op); if ($newpos > -1 && ($newpos < $pos)) { @@ -75,7 +81,7 @@ class Filter if (array_key_exists($lhs, Page_Statistics::$columns) && Page_Statistics::$columns[$lhs]['column']) { $filters[] = new Filter($lhs, $operator, $rhs); } else { - Message::addError('invalid-filter'); + Message::addError('invalid-filter-key', $lhs); } } } @@ -165,8 +171,7 @@ class StateFilter extends Filter } elseif ($this->argument === 'occupied') { return " $neg (lastseen + 600 > UNIX_TIMESTAMP() AND logintime <> 0 ) "; } else { - Message::addError('invalid-filter'); - + Message::addError('invalid-filter-argument', 'state', $this->argument); return ' 1'; } } -- cgit v1.2.3-55-g7522