Replacing $_REQUEST variables with $INPUT wrapper, usermanager plugin

author: Hakan Sandell <sandell.hakan@gmail.com> 2012-09-08 15:06:21 +0200
committer: Hakan Sandell <sandell.hakan@gmail.com> 2012-09-08 15:06:21 +0200
commit: fbfbbe8a285a488c3feab53f47a9216fdd999a42 (patch)
tree: dd51e5debd1b3aaeb1053d1c55b14e7794d815d1 /lib/plugins/usermanager/admin.php
parent: f21e024ada9202d47fcdc85730a44af5ea259d1c (diff)
download: rpg-fbfbbe8a285a488c3feab53f47a9216fdd999a42.tar.gz
rpg-fbfbbe8a285a488c3feab53f47a9216fdd999a42.tar.bz2
1 files changed, 8 insertions, 7 deletions
diff --git a/lib/plugins/usermanager/admin.php b/lib/plugins/usermanager/admin.php
index 2bb0a863d..30b65debb 100644
--- a/lib/plugins/usermanager/admin.php
+++ b/lib/plugins/usermanager/admin.php
@@ -553,12 +553,13 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
      */
     function _retrieveUser($clean=true) {
         global $auth;
+        global $INPUT;
 
-        $user[0] = ($clean) ? $auth->cleanUser($_REQUEST['userid']) : $_REQUEST['userid'];
-        $user[1] = $_REQUEST['userpass'];
-        $user[2] = $_REQUEST['username'];
-        $user[3] = $_REQUEST['usermail'];
-        $user[4] = explode(',',$_REQUEST['usergroups']);
+        $user[0] = ($clean) ? $auth->cleanUser($INPUT->str('userid')) : $INPUT->str('userid');
+        $user[1] = $INPUT->str('userpass');
+        $user[2] = $INPUT->str('username');
+        $user[3] = $INPUT->str('usermail');
+        $user[4] = explode(',',$INPUT->str('usergroups'));
 
         $user[4] = array_map('trim',$user[4]);
         if($clean) $user[4] = array_map(array($auth,'cleanGroup'),$user[4]);
@@ -584,9 +585,9 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
     }
 
     function _retrieveFilter() {
+        global $INPUT;
 
-        $t_filter = $_REQUEST['filter'];
-        if (!is_array($t_filter)) return array();
+        $t_filter = $INPUT->arr('filter');
 
         // messy, but this way we ensure we aren't getting any additional crap from malicious users
         $filter = array();
author	Hakan Sandell <sandell.hakan@gmail.com>	2012-09-08 15:06:21 +0200
committer	Hakan Sandell <sandell.hakan@gmail.com>	2012-09-08 15:06:21 +0200
commit	fbfbbe8a285a488c3feab53f47a9216fdd999a42 (patch)
tree	dd51e5debd1b3aaeb1053d1c55b14e7794d815d1 /lib/plugins/usermanager/admin.php
parent	f21e024ada9202d47fcdc85730a44af5ea259d1c (diff)
download	rpg-fbfbbe8a285a488c3feab53f47a9216fdd999a42.tar.gz rpg-fbfbbe8a285a488c3feab53f47a9216fdd999a42.tar.bz2