diff options
| -rw-r--r-- | _test/tests/inc/search/search.test.php | 4 | ||||
| -rw-r--r-- | doku.php | 2 | ||||
| -rw-r--r-- | inc/auth.php | 7 | ||||
| -rw-r--r-- | inc/search.php | 4 | ||||
| -rw-r--r-- | lib/plugins/authad/auth.php | 5 | ||||
| -rw-r--r-- | lib/plugins/plugin/admin.php | 3 | ||||
| -rw-r--r-- | lib/plugins/revert/admin.php | 13 | ||||
| -rw-r--r-- | lib/plugins/usermanager/admin.php | 25 |
8 files changed, 34 insertions, 29 deletions
diff --git a/_test/tests/inc/search/search.test.php b/_test/tests/inc/search/search.test.php index 9c854a661..33d4e9d8d 100644 --- a/_test/tests/inc/search/search.test.php +++ b/_test/tests/inc/search/search.test.php @@ -22,9 +22,9 @@ class search_test extends DokuWikiTest { search($data, dirname(__FILE__) . '/data', 'search_allpages', array('depth' => 1), 'ns1/ns3'); $this->assertEquals(0, count($data)); - //depth is 1 so I should get only pages from ns1 + //depth is 2 so I should get only pages from ns1 $data = array(); - search($data, dirname(__FILE__) . '/data', 'search_allpages', array('depth' => 1), 'ns1'); + search($data, dirname(__FILE__) . '/data', 'search_allpages', array('depth' => 2), 'ns1'); $this->assertEquals(2, count($data)); } @@ -29,7 +29,7 @@ if(isset($_SERVER['HTTP_X_DOKUWIKI_DO'])) { require_once(DOKU_INC.'inc/init.php'); //import variables -$_REQUEST['id'] = str_replace("\xC2\xAD", '', $INPUT->str('id')); //soft-hyphen +$INPUT->set('id', str_replace("\xC2\xAD", '', $INPUT->str('id'))); //soft-hyphen $QUERY = trim($INPUT->str('id')); $ID = getID(); diff --git a/inc/auth.php b/inc/auth.php index d82b8b5dd..68b6b438d 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -54,16 +54,17 @@ function auth_setup() { } } - if(!$auth){ + if(!isset($auth) || !$auth){ msg($lang['authtempfail'], -1); return false; } - if ($auth && $auth->success == false) { + if ($auth->success == false) { // degrade to unauthenticated user unset($auth); auth_logoff(); msg($lang['authtempfail'], -1); + return false; } // do the login either by cookie or provided credentials XXX @@ -91,7 +92,7 @@ function auth_setup() { // apply cleaning if (true === $auth->success) { - $_REQUEST['u'] = $auth->cleanUser($_REQUEST['u']); + $INPUT->set('u', $auth->cleanUser($INPUT->str('u'))); } if($INPUT->str('authtok')) { diff --git a/inc/search.php b/inc/search.php index e4aa3b9eb..6927fff5f 100644 --- a/inc/search.php +++ b/inc/search.php @@ -243,8 +243,8 @@ function search_pagename(&$data,$base,$file,$type,$lvl,$opts){ function search_allpages(&$data,$base,$file,$type,$lvl,$opts){ if(isset($opts['depth']) && $opts['depth']){ $parts = explode('/',ltrim($file,'/')); - if(($type == 'd' && count($parts) > $opts['depth']) - || ($type != 'd' && count($parts) > $opts['depth'] + 1)){ + if(($type == 'd' && count($parts) >= $opts['depth']) + || ($type != 'd' && count($parts) > $opts['depth'])){ return false; // depth reached } } diff --git a/lib/plugins/authad/auth.php b/lib/plugins/authad/auth.php index f651d87a1..6c49eafbb 100644 --- a/lib/plugins/authad/auth.php +++ b/lib/plugins/authad/auth.php @@ -71,6 +71,7 @@ class auth_plugin_authad extends DokuWiki_Auth_Plugin { * Constructor */ public function __construct() { + global $INPUT; parent::__construct(); // we load the config early to modify it a bit here @@ -99,8 +100,8 @@ class auth_plugin_authad extends DokuWiki_Auth_Plugin { // we need to simulate a login if(empty($_COOKIE[DOKU_COOKIE])) { - $_REQUEST['u'] = $_SERVER['REMOTE_USER']; - $_REQUEST['p'] = 'sso_only'; + $INPUT->set('u', $_SERVER['REMOTE_USER']); + $INPUT->set('p', 'sso_only'); } } diff --git a/lib/plugins/plugin/admin.php b/lib/plugins/plugin/admin.php index 8b1ee3c7d..de4de6aef 100644 --- a/lib/plugins/plugin/admin.php +++ b/lib/plugins/plugin/admin.php @@ -61,11 +61,12 @@ class admin_plugin_plugin extends DokuWiki_Admin_Plugin { * handle user request */ function handle() { + global $INPUT; // enable direct access to language strings $this->setupLocale(); - $fn = $_REQUEST['fn']; + $fn = $INPUT->param('fn'); if (is_array($fn)) { $this->cmd = key($fn); $this->plugin = is_array($fn[$this->cmd]) ? key($fn[$this->cmd]) : null; diff --git a/lib/plugins/revert/admin.php b/lib/plugins/revert/admin.php index fcdaa230d..847e38876 100644 --- a/lib/plugins/revert/admin.php +++ b/lib/plugins/revert/admin.php @@ -44,15 +44,16 @@ class admin_plugin_revert extends DokuWiki_Admin_Plugin { * output appropriate html */ function html() { + global $INPUT; echo $this->plugin_locale_xhtml('intro'); $this->_searchform(); - if(is_array($_REQUEST['revert']) && checkSecurityToken()){ - $this->_revert($_REQUEST['revert'],$_REQUEST['filter']); - }elseif(isset($_REQUEST['filter'])){ - $this->_list($_REQUEST['filter']); + if(is_array($INPUT->param('revert')) && checkSecurityToken()){ + $this->_revert($INPUT->arr('revert'),$INPUT->str('filter')); + }elseif($INPUT->has('filter')){ + $this->_list($INPUT->str('filter')); } } @@ -60,10 +61,10 @@ class admin_plugin_revert extends DokuWiki_Admin_Plugin { * Display the form for searching spam pages */ function _searchform(){ - global $lang; + global $lang, $INPUT; echo '<form action="" method="post"><div class="no">'; echo '<label>'.$this->getLang('filter').': </label>'; - echo '<input type="text" name="filter" class="edit" value="'.hsc($_REQUEST['filter']).'" />'; + echo '<input type="text" name="filter" class="edit" value="'.hsc($INPUT->str('filter')).'" />'; echo ' <input type="submit" class="button" value="'.$lang['btn_search'].'" />'; echo ' <span>'.$this->getLang('note1').'</span>'; echo '</div></form><br /><br />'; diff --git a/lib/plugins/usermanager/admin.php b/lib/plugins/usermanager/admin.php index cf8963e64..01f4a4cdb 100644 --- a/lib/plugins/usermanager/admin.php +++ b/lib/plugins/usermanager/admin.php @@ -73,11 +73,12 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { * handle user request */ function handle() { + global $INPUT; if (is_null($this->_auth)) return false; // extract the command and any specific parameters // submit button name is of the form - fn[cmd][param(s)] - $fn = $_REQUEST['fn']; + $fn = $INPUT->param('fn'); if (is_array($fn)) { $cmd = key($fn); @@ -88,8 +89,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { } if ($cmd != "search") { - if (!empty($_REQUEST['start'])) - $this->_start = $_REQUEST['start']; + $this->_start = $INPUT->int('start', 0); $this->_filter = $this->_retrieveFilter(); } @@ -345,6 +345,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { } function _addUser(){ + global $INPUT; if (!checkSecurityToken()) return false; if (!$this->_auth->canDo('addUser')) return false; @@ -353,7 +354,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { if ($this->_auth->canDo('modPass')){ if (empty($pass)){ - if(!empty($_REQUEST['usernotify'])){ + if($INPUT->has('usernotify')){ $pass = auth_pwgen(); } else { msg($this->lang['add_fail'], -1); @@ -393,7 +394,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { msg($this->lang['add_ok'], 1); - if (!empty($_REQUEST['usernotify']) && $pass) { + if ($INPUT->has('usernotify') && $pass) { $this->_notifyUser($user,$pass); } } else { @@ -407,13 +408,13 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { * Delete user */ function _deleteUser(){ - global $conf; + global $conf, $INPUT; if (!checkSecurityToken()) return false; if (!$this->_auth->canDo('delUser')) return false; - $selected = $_REQUEST['delete']; - if (!is_array($selected) || empty($selected)) return false; + $selected = $INPUT->arr('delete'); + if (empty($selected)) return false; $selected = array_keys($selected); if(in_array($_SERVER['REMOTE_USER'], $selected)) { @@ -463,13 +464,13 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { * Modify user (modified user data has been recieved) */ function _modifyUser(){ - global $conf; + global $conf, $INPUT; if (!checkSecurityToken()) return false; if (!$this->_auth->canDo('UserMod')) return false; // get currently valid user data - $olduser = cleanID(preg_replace('/.*:/','',$_REQUEST['userid_old'])); + $olduser = cleanID(preg_replace('/.*:/','',$INPUT->str('userid_old'))); $oldinfo = $this->_auth->getUserData($olduser); // get new user data subject to change @@ -494,7 +495,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { } // generate password if left empty and notification is on - if(!empty($_REQUEST['usernotify']) && empty($newpass)){ + if($INPUT->has('usernotify') && empty($newpass)){ $newpass = auth_pwgen(); } @@ -510,7 +511,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin { if ($ok = $this->_auth->triggerUserMod('modify', array($olduser, $changes))) { msg($this->lang['update_ok'],1); - if (!empty($_REQUEST['usernotify']) && $newpass) { + if ($INPUT->has('usernotify') && $newpass) { $notify = empty($changes['user']) ? $olduser : $newuser; $this->_notifyUser($notify,$newpass); } |