more $INPUT use FS#2577

author: Andreas Gohr <andi@splitbrain.org> 2012-08-24 09:43:50 +0200
committer: Andreas Gohr <andi@splitbrain.org> 2012-08-24 09:43:50 +0200
commit: 64273335d1bae12b2fe7d9664e1665d6e69d47af (patch)
tree: eb6877ac97ab240f61aaa30679d49ca7aab97b42 /lib/plugins/acl/ajax.php
parent: c51e95703cc34aca498b87ae89f78034a7cb8a54 (diff)
download: rpg-64273335d1bae12b2fe7d9664e1665d6e69d47af.tar.gz
rpg-64273335d1bae12b2fe7d9664e1665d6e69d47af.tar.bz2
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/plugins/acl/ajax.php b/lib/plugins/acl/ajax.php
index 3a5d89c08..10e18af97 100644
--- a/lib/plugins/acl/ajax.php
+++ b/lib/plugins/acl/ajax.php
@@ -11,6 +11,10 @@ require_once(DOKU_INC.'inc/init.php');
 //close session
 session_write_close();
 
+global $conf;
+global $ID;
+global $INPUT;
+
 //fix for Opera XMLHttpRequests
 $postData = http_get_raw_post_data();
 if(!count($_POST) && !empty($postData)){
@@ -22,20 +26,19 @@ if(!checkSecurityToken()) die('CRSF Attack');
 
 $ID    = getID();
 
+/** @var $acl admin_plugin_acl */
 $acl = plugin_load('admin','acl');
 $acl->handle();
 
-$ajax = $_REQUEST['ajax'];
+$ajax = $INPUT->str('ajax');
 header('Content-Type: text/html; charset=utf-8');
 
 if($ajax == 'info'){
     $acl->_html_info();
 }elseif($ajax == 'tree'){
-    global $conf;
-    global $ID;
 
     $dir = $conf['datadir'];
-    $ns  = $_REQUEST['ns'];
+    $ns  = $INPUT->str('ns');
     if($ns == '*'){
         $ns ='';
     }
author	Andreas Gohr <andi@splitbrain.org>	2012-08-24 09:43:50 +0200
committer	Andreas Gohr <andi@splitbrain.org>	2012-08-24 09:43:50 +0200
commit	64273335d1bae12b2fe7d9664e1665d6e69d47af (patch)
tree	eb6877ac97ab240f61aaa30679d49ca7aab97b42 /lib/plugins/acl/ajax.php
parent	c51e95703cc34aca498b87ae89f78034a7cb8a54 (diff)
download	rpg-64273335d1bae12b2fe7d9664e1665d6e69d47af.tar.gz rpg-64273335d1bae12b2fe7d9664e1665d6e69d47af.tar.bz2