diff --git a/README.md b/README.md index aa418e4f..fdd20df7 100644 --- a/README.md +++ b/README.md @@ -8,8 +8,8 @@ Please visit https://engelsystem.de for a feature list. ## Installation ### Requirements: - * PHP 5.4.x (cgi-fcgi) - * MySQL-Server 5.5.x + * PHP >= 5.6.4, PHP >= 7.0.0 recommended + * MySQL-Server >= 5.5.x * Webserver, i.e. lighttpd, nginx, or Apache ### Directions: diff --git a/composer.json b/composer.json index 0605bcf3..d2e0108b 100644 --- a/composer.json +++ b/composer.json @@ -14,7 +14,7 @@ } ], "require": { - "php": ">=5.4", + "php": ">=5.6.4", "erusev/parsedown": "1.6.*", "twbs/bootstrap": "^3.3" }, diff --git a/includes/controller/angeltypes_controller.php b/includes/controller/angeltypes_controller.php index daa754eb..346a4d73 100644 --- a/includes/controller/angeltypes_controller.php +++ b/includes/controller/angeltypes_controller.php @@ -81,7 +81,7 @@ function angeltype_delete_controller() $angeltype = load_angeltype(); - if (isset($_REQUEST['confirmed'])) { + if (request()->has('confirmed')) { AngelType_delete($angeltype); success(sprintf(_('Angeltype %s deleted.'), AngelType_name_render($angeltype))); redirect(page_link_to('angeltypes')); @@ -104,8 +104,9 @@ function angeltype_edit_controller() // In supporter mode only allow to modify description $supporter_mode = !in_array('admin_angel_types', $privileges); + $request = request(); - if (isset($_REQUEST['angeltype_id'])) { + if ($request->has('angeltype_id')) { // Edit existing angeltype $angeltype = load_angeltype(); @@ -121,12 +122,12 @@ function angeltype_edit_controller() $angeltype = AngelType_new(); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; if (!$supporter_mode) { - if (isset($_REQUEST['name'])) { - $result = AngelType_validate_name($_REQUEST['name'], $angeltype); + if ($request->has('name')) { + $result = AngelType_validate_name($request->get('name'), $angeltype); $angeltype['name'] = $result->getValue(); if (!$result->isValid()) { $valid = false; @@ -134,10 +135,10 @@ function angeltype_edit_controller() } } - $angeltype['restricted'] = isset($_REQUEST['restricted']); - $angeltype['no_self_signup'] = isset($_REQUEST['no_self_signup']); + $angeltype['restricted'] = $request->has('restricted'); + $angeltype['no_self_signup'] = $request->has('no_self_signup'); - $angeltype['requires_driver_license'] = isset($_REQUEST['requires_driver_license']); + $angeltype['requires_driver_license'] = $request->has('requires_driver_license'); } $angeltype['description'] = strip_request_item_nl('description', $angeltype['description']); @@ -262,11 +263,12 @@ function angeltypes_list_controller() */ function load_angeltype() { - if (!isset($_REQUEST['angeltype_id'])) { + $request = request(); + if (!$request->has('angeltype_id')) { redirect(page_link_to('angeltypes')); } - $angeltype = AngelType($_REQUEST['angeltype_id']); + $angeltype = AngelType($request->input('angeltype_id')); if ($angeltype == null) { error(_('Angeltype doesn\'t exist . ')); redirect(page_link_to('angeltypes')); diff --git a/includes/controller/event_config_controller.php b/includes/controller/event_config_controller.php index 06245c47..dcdcf54a 100644 --- a/includes/controller/event_config_controller.php +++ b/includes/controller/event_config_controller.php @@ -19,6 +19,7 @@ function event_config_edit_controller() redirect('?'); } + $request = request(); $event_name = null; $event_welcome_msg = null; $buildup_start_date = null; @@ -36,17 +37,17 @@ function event_config_edit_controller() $event_welcome_msg = $event_config['event_welcome_msg']; } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; - if (isset($_REQUEST['event_name'])) { + if ($request->has('event_name')) { $event_name = strip_request_item('event_name'); } if ($event_name == '') { $event_name = null; } - if (isset($_REQUEST['event_welcome_msg'])) { + if ($request->has('event_welcome_msg')) { $event_welcome_msg = strip_request_item_nl('event_welcome_msg'); } if ($event_welcome_msg == '') { diff --git a/includes/controller/rooms_controller.php b/includes/controller/rooms_controller.php index 3082a28d..2d6f1a77 100644 --- a/includes/controller/rooms_controller.php +++ b/includes/controller/rooms_controller.php @@ -19,6 +19,7 @@ function room_controller() redirect(page_link_to()); } + $request = request(); $room = load_room(false); if ($room['show'] != 'Y' && !in_array('admin_rooms', $privileges)) { redirect(page_link_to()); @@ -42,8 +43,8 @@ function room_controller() if (!empty($days)) { $selected_day = $days[0]; } - if (isset($_REQUEST['shifts_filter_day'])) { - $selected_day = $_REQUEST['shifts_filter_day']; + if ($request->has('shifts_filter_day')) { + $selected_day = $request->input('shifts_filter_day'); } $shiftsFilter->setStartTime(parse_date('Y-m-d H:i', $selected_day . ' 00:00')); $shiftsFilter->setEndTime(parse_date('Y-m-d H:i', $selected_day . ' 23:59')); @@ -66,11 +67,13 @@ function room_controller() */ function rooms_controller() { - if (!isset($_REQUEST['action'])) { - $_REQUEST['action'] = 'list'; + $request = request(); + $action = $request->input('action'); + if (!$request->has('action')) { + $action = 'list'; } - switch ($_REQUEST['action']) { + switch ($action) { case 'view': return room_controller(); case 'list': @@ -112,7 +115,7 @@ function load_room($onlyVisible = true) redirect(page_link_to()); } - $room = Room($_REQUEST['room_id'], $onlyVisible); + $room = Room(request()->input('room_id'), $onlyVisible); if ($room == null) { redirect(page_link_to()); } diff --git a/includes/controller/shift_entries_controller.php b/includes/controller/shift_entries_controller.php index cb2d9bee..38aad5bb 100644 --- a/includes/controller/shift_entries_controller.php +++ b/includes/controller/shift_entries_controller.php @@ -11,9 +11,10 @@ function shift_entry_add_controller() { global $privileges, $user; + $request = request(); $shift_id = 0; - if (isset($_REQUEST['shift_id']) && preg_match('/^\d*$/', $_REQUEST['shift_id'])) { - $shift_id = $_REQUEST['shift_id']; + if ($request->has('shift_id') && preg_match('/^\d*$/', $request->input('shift_id'))) { + $shift_id = $request->input('shift_id'); } else { redirect(page_link_to('user_shifts')); } @@ -32,8 +33,8 @@ function shift_entry_add_controller() } $type_id = 0; - if (isset($_REQUEST['type_id']) && preg_match('/^\d*$/', $_REQUEST['type_id'])) { - $type_id = $_REQUEST['type_id']; + if ($request->has('type_id') && preg_match('/^\d*$/', $request->input('type_id'))) { + $type_id = $request->input('type_id'); } else { redirect(page_link_to('user_shifts')); } @@ -63,14 +64,14 @@ function shift_entry_add_controller() } if ( - isset($_REQUEST['user_id']) - && preg_match('/^\d*$/', $_REQUEST['user_id']) + $request->has('user_id') + && preg_match('/^\d*$/', $request->input('user_id')) && ( in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges) ) ) { - $user_id = $_REQUEST['user_id']; + $user_id = $request->input('user_id'); } else { $user_id = $user['UID']; } @@ -92,7 +93,7 @@ function shift_entry_add_controller() redirect(shift_link($shift)); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $selected_type_id = $type_id; if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges) @@ -103,14 +104,14 @@ function shift_entry_add_controller() } if ( - isset($_REQUEST['angeltype_id']) + $request->has('angeltype_id') && test_request_int('angeltype_id') && count(DB::select( 'SELECT `id` FROM `AngelTypes` WHERE `id`=? LIMIT 1', - [$_REQUEST['angeltype_id']] + [$request->input('angeltype_id')] )) > 0 ) { - $selected_type_id = $_REQUEST['angeltype_id']; + $selected_type_id = $request->input('angeltype_id'); } } @@ -124,7 +125,7 @@ function shift_entry_add_controller() $freeloaded = isset($shift['freeloaded']) ? $shift['freeloaded'] : false; $freeload_comment = isset($shift['freeload_comment']) ? $shift['freeload_comment'] : ''; if (in_array('user_shifts_admin', $privileges)) { - $freeloaded = isset($_REQUEST['freeloaded']); + $freeloaded = $request->has('freeloaded'); $freeload_comment = strip_request_item_nl('freeload_comment'); } @@ -236,11 +237,12 @@ function shift_entry_add_controller() function shift_entry_delete_controller() { global $privileges, $user; + $request = request(); - if (!isset($_REQUEST['entry_id']) || !test_request_int('entry_id')) { + if (!$request->has('entry_id') || !test_request_int('entry_id')) { redirect(page_link_to('user_shifts')); } - $entry_id = $_REQUEST['entry_id']; + $entry_id = $request->input('entry_id'); $shift_entry_source = DB::select(' SELECT diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index c8b6932a..21c6e160 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php @@ -44,15 +44,16 @@ function shift_edit_controller() // Schicht bearbeiten $msg = ''; $valid = true; + $request = request(); if (!in_array('admin_shifts', $privileges)) { redirect(page_link_to('user_shifts')); } - if (!isset($_REQUEST['edit_shift']) || !test_request_int('edit_shift')) { + if (!$request->has('edit_shift') || !test_request_int('edit_shift')) { redirect(page_link_to('user_shifts')); } - $shift_id = $_REQUEST['edit_shift']; + $shift_id = $request->input('edit_shift'); $shift = Shift($shift_id); @@ -73,33 +74,37 @@ function shift_edit_controller() $start = $shift['start']; $end = $shift['end']; - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { // Name/Bezeichnung der Schicht, darf leer sein $title = strip_request_item('title'); // Auswahl der sichtbaren Locations für die Schichten - if (isset($_REQUEST['rid']) && preg_match('/^\d+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) { - $rid = $_REQUEST['rid']; + if ( + $request->has('rid') + && preg_match('/^\d+$/', $request->input('rid')) + && isset($room[$request->input('rid')]) + ) { + $rid = $request->input('rid'); } else { $valid = false; $msg .= error(_('Please select a room.'), true); } - if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { - $shifttype_id = $_REQUEST['shifttype_id']; + if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) { + $shifttype_id = $request->input('shifttype_id'); } else { $valid = false; $msg .= error(_('Please select a shifttype.'), true); } - if (isset($_REQUEST['start']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['start'])) { + if ($request->has('start') && $tmp = parse_date('Y-m-d H:i', $request->input('start'))) { $start = $tmp; } else { $valid = false; $msg .= error(_('Please enter a valid starting time for the shifts.'), true); } - if (isset($_REQUEST['end']) && $tmp = parse_date('Y-m-d H:i', $_REQUEST['end'])) { + if ($request->has('end') && $tmp = parse_date('Y-m-d H:i', $request->input('end'))) { $end = $tmp; } else { $valid = false; @@ -112,8 +117,8 @@ function shift_edit_controller() } foreach ($needed_angel_types as $needed_angeltype_id => $needed_angeltype_name) { - if (isset($_REQUEST['type_' . $needed_angeltype_id]) && test_request_int('type_' . $needed_angeltype_id)) { - $needed_angel_types[$needed_angeltype_id] = trim($_REQUEST['type_' . $needed_angeltype_id]); + if ($request->has('type_' . $needed_angeltype_id) && test_request_int('type_' . $needed_angeltype_id)) { + $needed_angel_types[$needed_angeltype_id] = trim($request->input('type_' . $needed_angeltype_id)); } else { $valid = false; $msg .= error(sprintf( @@ -186,16 +191,17 @@ function shift_edit_controller() function shift_delete_controller() { global $privileges; + $request = request(); if (!in_array('user_shifts_admin', $privileges)) { redirect(page_link_to('user_shifts')); } // Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg) - if (!isset($_REQUEST['delete_shift']) || !preg_match('/^\d*$/', $_REQUEST['delete_shift'])) { + if (!$request->has('delete_shift') || !preg_match('/^\d*$/', $request->input('delete_shift'))) { redirect(page_link_to('user_shifts')); } - $shift_id = $_REQUEST['delete_shift']; + $shift_id = $request->input('delete_shift'); $shift = Shift($shift_id); if ($shift == null) { @@ -203,7 +209,7 @@ function shift_delete_controller() } // Schicht löschen bestätigt - if (isset($_REQUEST['delete'])) { + if ($request->has('delete')) { Shift_delete($shift_id); engelsystem_log( @@ -232,16 +238,17 @@ function shift_delete_controller() function shift_controller() { global $user, $privileges; + $request = request(); if (!in_array('user_shifts', $privileges)) { redirect(page_link_to('?')); } - if (!isset($_REQUEST['shift_id'])) { + if (!$request->has('shift_id')) { redirect(page_link_to('user_shifts')); } - $shift = Shift($_REQUEST['shift_id']); + $shift = Shift($request->input('shift_id')); if ($shift == null) { error(_('Shift could not be found.')); redirect(page_link_to('user_shifts')); @@ -285,11 +292,12 @@ function shift_controller() */ function shifts_controller() { - if (!isset($_REQUEST['action'])) { + $request = request(); + if (!$request->has('action')) { redirect(page_link_to('user_shifts')); } - switch ($_REQUEST['action']) { + switch ($request->input('action')) { case 'view': return shift_controller(); case 'next': @@ -330,16 +338,17 @@ function shift_next_controller() function shifts_json_export_all_controller() { $api_key = config('api_key'); + $request = request(); if (empty($api_key)) { engelsystem_error('Config contains empty apikey.'); } - if (!isset($_REQUEST['api_key'])) { + if (!$request->has('api_key')) { engelsystem_error('Missing parameter api_key.'); } - if ($_REQUEST['api_key'] != $api_key) { + if ($request->input('api_key') != $api_key) { engelsystem_error('Invalid api_key.'); } @@ -359,12 +368,13 @@ function shifts_json_export_all_controller() function shifts_json_export_controller() { global $user; + $request = request(); - if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) { + if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) { engelsystem_error('Missing key.'); } - $key = $_REQUEST['key']; + $key = $request->input('key'); $user = User_by_api_key($key); if ($user == null) { diff --git a/includes/controller/shifttypes_controller.php b/includes/controller/shifttypes_controller.php index 9a470e29..acdeb982 100644 --- a/includes/controller/shifttypes_controller.php +++ b/includes/controller/shifttypes_controller.php @@ -16,17 +16,18 @@ function shifttype_link($shifttype) */ function shifttype_delete_controller() { - if (!isset($_REQUEST['shifttype_id'])) { + $request = request(); + if (!$request->has('shifttype_id')) { redirect(page_link_to('shifttypes')); } - $shifttype = ShiftType($_REQUEST['shifttype_id']); + $shifttype = ShiftType($request->input('shifttype_id')); if ($shifttype == null) { redirect(page_link_to('shifttypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { $result = ShiftType_delete($shifttype['id']); if (empty($result)) { engelsystem_error('Unable to delete shifttype.'); @@ -56,9 +57,10 @@ function shifttype_edit_controller() $description = ''; $angeltypes = AngelTypes(); + $request = request(); - if (isset($_REQUEST['shifttype_id'])) { - $shifttype = ShiftType($_REQUEST['shifttype_id']); + if ($request->has('shifttype_id')) { + $shifttype = ShiftType($request->input('shifttype_id')); if ($shifttype == null) { error(_('Shifttype not found.')); redirect(page_link_to('shifttypes')); @@ -69,23 +71,23 @@ function shifttype_edit_controller() $description = $shifttype['description']; } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; - if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') { + if ($request->has('name') && $request->input('name') != '') { $name = strip_request_item('name'); } else { $valid = false; error(_('Please enter a name.')); } - if (isset($_REQUEST['angeltype_id']) && preg_match('/^\d+$/', $_REQUEST['angeltype_id'])) { - $angeltype_id = $_REQUEST['angeltype_id']; + if ($request->has('angeltype_id') && preg_match('/^\d+$/', $request->input('angeltype_id'))) { + $angeltype_id = $request->input('angeltype_id'); } else { $angeltype_id = null; } - if (isset($_REQUEST['description'])) { + if ($request->has('description')) { $description = strip_request_item_nl('description'); } @@ -120,10 +122,11 @@ function shifttype_edit_controller() */ function shifttype_controller() { - if (!isset($_REQUEST['shifttype_id'])) { + $request = request(); + if (!$request->has('shifttype_id')) { redirect(page_link_to('shifttypes')); } - $shifttype = ShiftType($_REQUEST['shifttype_id']); + $shifttype = ShiftType($request->input('shifttype_id')); if ($shifttype == null) { redirect(page_link_to('shifttypes')); } @@ -174,11 +177,13 @@ function shifttypes_title() */ function shifttypes_controller() { - if (!isset($_REQUEST['action'])) { - $_REQUEST['action'] = 'list'; + $request = request(); + $action = 'list'; + if ($request->has('action')) { + $action = $request->input('action'); } - switch ($_REQUEST['action']) { + switch ($action) { case 'view': return shifttype_controller(); case 'edit': diff --git a/includes/controller/user_angeltypes_controller.php b/includes/controller/user_angeltypes_controller.php index f31aeecd..41185552 100644 --- a/includes/controller/user_angeltypes_controller.php +++ b/includes/controller/user_angeltypes_controller.php @@ -38,13 +38,14 @@ function user_angeltypes_unconfirmed_hint() function user_angeltypes_delete_all_controller() { global $user; + $request = request(); - if (!isset($_REQUEST['angeltype_id'])) { + if (!$request->has('angeltype_id')) { error(_('Angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - $angeltype = AngelType($_REQUEST['angeltype_id']); + $angeltype = AngelType($request->input('angeltype_id')); if ($angeltype == null) { error(_('Angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); @@ -55,7 +56,7 @@ function user_angeltypes_delete_all_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { UserAngelTypes_delete_all($angeltype['id']); engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype))); @@ -77,13 +78,14 @@ function user_angeltypes_delete_all_controller() function user_angeltypes_confirm_all_controller() { global $user, $privileges; + $request = request(); - if (!isset($_REQUEST['angeltype_id'])) { + if (!$request->has('angeltype_id')) { error(_('Angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - $angeltype = AngelType($_REQUEST['angeltype_id']); + $angeltype = AngelType($request->input('angeltype_id')); if ($angeltype == null) { error(_('Angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); @@ -100,7 +102,7 @@ function user_angeltypes_confirm_all_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { UserAngelTypes_confirm_all($angeltype['id'], $user); engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype))); @@ -122,13 +124,14 @@ function user_angeltypes_confirm_all_controller() function user_angeltype_confirm_controller() { global $user; + $request = request(); - if (!isset($_REQUEST['user_angeltype_id'])) { + if (!$request->has('user_angeltype_id')) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']); + $user_angeltype = UserAngelType($request->input('user_angeltype_id')); if ($user_angeltype == null) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); @@ -151,7 +154,7 @@ function user_angeltype_confirm_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { UserAngelType_confirm($user_angeltype['id'], $user); engelsystem_log(sprintf( @@ -181,13 +184,14 @@ function user_angeltype_confirm_controller() function user_angeltype_delete_controller() { global $user; + $request = request(); - if (!isset($_REQUEST['user_angeltype_id'])) { + if (!$request->has('user_angeltype_id')) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']); + $user_angeltype = UserAngelType($request->input('user_angeltype_id')); if ($user_angeltype == null) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); @@ -210,7 +214,7 @@ function user_angeltype_delete_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { $result = UserAngelType_delete($user_angeltype); if ($result === false) { engelsystem_error('Unable to delete user angeltype.'); @@ -238,25 +242,26 @@ function user_angeltype_update_controller() { global $privileges; $supporter = false; + $request = request(); if (!in_array('admin_angel_types', $privileges)) { error(_('You are not allowed to set supporter rights.')); redirect(page_link_to('angeltypes')); } - if (!isset($_REQUEST['user_angeltype_id'])) { + if (!$request->has('user_angeltype_id')) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['supporter']) && preg_match('/^[01]$/', $_REQUEST['supporter'])) { - $supporter = $_REQUEST['supporter'] == '1'; + if ($request->has('supporter') && preg_match('/^[01]$/', $request->input('supporter'))) { + $supporter = $request->input('supporter') == '1'; } else { error(_('No supporter update given.')); redirect(page_link_to('angeltypes')); } - $user_angeltype = UserAngelType($_REQUEST['user_angeltype_id']); + $user_angeltype = UserAngelType($request->input('user_angeltype_id')); if ($user_angeltype == null) { error(_('User angeltype doesn\'t exist.')); redirect(page_link_to('angeltypes')); @@ -274,7 +279,7 @@ function user_angeltype_update_controller() redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if ($request->has('confirmed')) { UserAngelType_update($user_angeltype['id'], $supporter); $success_message = sprintf( @@ -300,7 +305,6 @@ function user_angeltype_update_controller() function user_angeltype_add_controller() { global $user; - $angeltype = load_angeltype(); // User is joining by itself @@ -316,7 +320,7 @@ function user_angeltype_add_controller() // Load possible users, that are not in the angeltype already $users_source = Users_by_angeltype_inverted($angeltype); - if (isset($_REQUEST['submit'])) { + if (request()->has('submit')) { $user_source = load_user(); if (!UserAngelType_exists($user_source, $angeltype)) { @@ -366,7 +370,7 @@ function user_angeltype_join_controller($angeltype) redirect(page_link_to('angeltypes')); } - if (isset($_REQUEST['confirmed'])) { + if (request()->has('confirmed')) { $user_angeltype_id = UserAngelType_create($user, $angeltype); $success_message = sprintf(_('You joined %s.'), $angeltype['name']); @@ -398,11 +402,12 @@ function user_angeltype_join_controller($angeltype) */ function user_angeltypes_controller() { - if (!isset($_REQUEST['action'])) { + $request = request(); + if (!$request->has('action')) { redirect(page_link_to('angeltypes')); } - switch ($_REQUEST['action']) { + switch ($request->input('action')) { case 'delete_all': return user_angeltypes_delete_all_controller(); case 'confirm_all': diff --git a/includes/controller/user_driver_licenses_controller.php b/includes/controller/user_driver_licenses_controller.php index 3098c8ce..fef278dd 100644 --- a/includes/controller/user_driver_licenses_controller.php +++ b/includes/controller/user_driver_licenses_controller.php @@ -74,11 +74,11 @@ function user_driver_license_edit_link($user = null) function user_driver_license_load_user() { global $user; - + $request = request(); $user_source = $user; - if (isset($_REQUEST['user_id'])) { - $user_source = User($_REQUEST['user_id']); + if ($request->has('user_id')) { + $user_source = User($request->input('user_id')); if ($user_source == null) { redirect(user_driver_license_edit_link()); } @@ -95,7 +95,7 @@ function user_driver_license_load_user() function user_driver_license_edit_controller() { global $privileges, $user; - + $request = request(); $user_source = user_driver_license_load_user(); // only privilege admin_user can edit other users driver license information @@ -111,15 +111,15 @@ function user_driver_license_edit_controller() $wants_to_drive = true; } - if (isset($_REQUEST['submit'])) { - $wants_to_drive = isset($_REQUEST['wants_to_drive']); + if ($request->has('submit')) { + $wants_to_drive = $request->has('wants_to_drive'); if ($wants_to_drive) { - $user_driver_license['has_car'] = isset($_REQUEST['has_car']); - $user_driver_license['has_license_car'] = isset($_REQUEST['has_license_car']); - $user_driver_license['has_license_3_5t_transporter'] = isset($_REQUEST['has_license_3_5t_transporter']); - $user_driver_license['has_license_7_5t_truck'] = isset($_REQUEST['has_license_7_5t_truck']); - $user_driver_license['has_license_12_5t_truck'] = isset($_REQUEST['has_license_12_5t_truck']); - $user_driver_license['has_license_forklift'] = isset($_REQUEST['has_license_forklift']); + $user_driver_license['has_car'] = $request->has('has_car'); + $user_driver_license['has_license_car'] = $request->has('has_license_car'); + $user_driver_license['has_license_3_5t_transporter'] = $request->has('has_license_3_5t_transporter'); + $user_driver_license['has_license_7_5t_truck'] = $request->has('has_license_7_5t_truck'); + $user_driver_license['has_license_12_5t_truck'] = $request->has('has_license_12_5t_truck'); + $user_driver_license['has_license_forklift'] = $request->has('has_license_forklift'); if (UserDriverLicense_valid($user_driver_license)) { if ($user_driver_license['user_id'] == null) { diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php index 84b6bbda..b747cc83 100644 --- a/includes/controller/users_controller.php +++ b/includes/controller/users_controller.php @@ -12,16 +12,18 @@ use Engelsystem\ShiftsFilter; function users_controller() { global $user; + $request = request(); if (!isset($user)) { redirect(page_link_to('')); } - if (!isset($_REQUEST['action'])) { - $_REQUEST['action'] = 'list'; + $action = 'list'; + if ($request->has('action')) { + $action = $request->input('action'); } - switch ($_REQUEST['action']) { + switch ($action) { case 'view': return user_controller(); case 'delete': @@ -42,9 +44,10 @@ function users_controller() function user_delete_controller() { global $privileges, $user; + $request = request(); - if (isset($_REQUEST['user_id'])) { - $user_source = User($_REQUEST['user_id']); + if ($request->has('user_id')) { + $user_source = User($request->get('user_id')); } else { $user_source = $user; } @@ -59,11 +62,14 @@ function user_delete_controller() redirect(user_link($user)); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; - if (!(isset($_REQUEST['password']) && verify_password($_REQUEST['password'], $user['Passwort'], - $user['UID'])) + if ( + !( + $request->has('password') + && verify_password($request->post('password'), $user['Passwort'], $user['UID']) + ) ) { $valid = false; error(_('Your password is incorrect. Please try it again.')); @@ -130,9 +136,10 @@ function user_link($user) function user_edit_vouchers_controller() { global $privileges, $user; + $request = request(); - if (isset($_REQUEST['user_id'])) { - $user_source = User($_REQUEST['user_id']); + if ($request->has('user_id')) { + $user_source = User($request->input('user_id')); } else { $user_source = $user; } @@ -141,12 +148,16 @@ function user_edit_vouchers_controller() redirect(page_link_to('')); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; $vouchers = ''; - if (isset($_REQUEST['vouchers']) && test_request_int('vouchers') && trim($_REQUEST['vouchers']) >= 0) { - $vouchers = trim($_REQUEST['vouchers']); + if ( + $request->has('vouchers') + && test_request_int('vouchers') + && trim($request->input('vouchers')) >= 0 + ) { + $vouchers = trim($request->input('vouchers')); } else { $valid = false; error(_('Please enter a valid number of vouchers.')); @@ -180,10 +191,11 @@ function user_edit_vouchers_controller() function user_controller() { global $privileges, $user; + $request = request(); $user_source = $user; - if (isset($_REQUEST['user_id'])) { - $user_source = User($_REQUEST['user_id']); + if ($request->has('user_id')) { + $user_source = User($request->input('user_id')); if ($user_source == null) { error(_('User not found.')); redirect('?'); @@ -241,14 +253,15 @@ function user_controller() function users_list_controller() { global $privileges; + $request = request(); if (!in_array('admin_user', $privileges)) { redirect(page_link_to('')); } $order_by = 'Nick'; - if (isset($_REQUEST['OrderBy']) && in_array($_REQUEST['OrderBy'], User_sortable_columns())) { - $order_by = $_REQUEST['OrderBy']; + if ($request->has('OrderBy') && in_array($request->input('OrderBy'), User_sortable_columns())) { + $order_by = $request->input('OrderBy'); } $users = Users($order_by); @@ -282,20 +295,21 @@ function users_list_controller() */ function user_password_recovery_set_new_controller() { - $user_source = User_by_password_recovery_token($_REQUEST['token']); + $request = request(); + $user_source = User_by_password_recovery_token($request->input('token')); if ($user_source == null) { error(_('Token is not correct.')); redirect(page_link_to('login')); } - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; if ( - isset($_REQUEST['password']) - && strlen($_REQUEST['password']) >= config('min_password_length') + $request->has('password') + && strlen($request->post('password')) >= config('min_password_length') ) { - if ($_REQUEST['password'] != $_REQUEST['password2']) { + if ($request->post('password') != $request->post('password2')) { $valid = false; error(_('Your passwords don\'t match.')); } @@ -305,7 +319,7 @@ function user_password_recovery_set_new_controller() } if ($valid) { - set_password($user_source['UID'], $_REQUEST['password']); + set_password($user_source['UID'], $request->post('password')); success(_('Password saved.')); redirect(page_link_to('login')); } @@ -321,10 +335,11 @@ function user_password_recovery_set_new_controller() */ function user_password_recovery_start_controller() { - if (isset($_REQUEST['submit'])) { + $request = request(); + if ($request->has('submit')) { $valid = true; - if (isset($_REQUEST['email']) && strlen(strip_request_item('email')) > 0) { + if ($request->has('email') && strlen(strip_request_item('email')) > 0) { $email = strip_request_item('email'); if (check_email($email)) { $user_source = User_by_email($email); @@ -367,7 +382,7 @@ function user_password_recovery_start_controller() */ function user_password_recovery_controller() { - if (isset($_REQUEST['token'])) { + if (request()->has('token')) { return user_password_recovery_set_new_controller(); } @@ -391,11 +406,12 @@ function user_password_recovery_title() */ function load_user() { - if (!isset($_REQUEST['user_id'])) { + $request = request(); + if (!$request->has('user_id')) { redirect(page_link_to()); } - $user = User($_REQUEST['user_id']); + $user = User($request->input('user_id')); if ($user == null) { error(_('User doesn\'t exist.')); diff --git a/includes/engelsystem_provider.php b/includes/engelsystem_provider.php index a818e4cd..edfae705 100644 --- a/includes/engelsystem_provider.php +++ b/includes/engelsystem_provider.php @@ -3,6 +3,7 @@ use Engelsystem\Config\Config; use Engelsystem\Database\Db; use Engelsystem\Exceptions\Handler as ExceptionHandler; +use Engelsystem\Http\Request; /** * This file includes all needed functions, connects to the db etc. @@ -31,6 +32,13 @@ if (file_exists(__DIR__ . '/../config/config.php')) { date_default_timezone_set($config->get('timezone')); +/** + * Initialize Request + */ +$request = new Request(); +$request->create(); +$request::setInstance($request); + /** * Check for maintenance */ diff --git a/includes/helper/internationalization_helper.php b/includes/helper/internationalization_helper.php index ed16de15..d2dbcdbd 100644 --- a/includes/helper/internationalization_helper.php +++ b/includes/helper/internationalization_helper.php @@ -26,12 +26,12 @@ function locale_short() function gettext_init() { $locales = config('locales'); - $default_locale = config('default_locale'); + $request = request(); - if (isset($_REQUEST['set_locale']) && isset($locales[$_REQUEST['set_locale']])) { - $_SESSION['locale'] = $_REQUEST['set_locale']; + if ($request->has('set_locale') && isset($locales[$request->input('set_locale')])) { + $_SESSION['locale'] = $request->input('set_locale'); } elseif (!isset($_SESSION['locale'])) { - $_SESSION['locale'] = $default_locale; + $_SESSION['locale'] = config('default_locale'); } gettext_locale(); diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php index d21afabe..2e06f90d 100644 --- a/includes/pages/admin_active.php +++ b/includes/pages/admin_active.php @@ -17,6 +17,7 @@ function admin_active() { $tshirt_sizes = config('tshirt_sizes'); $shift_sum_formula = config('shift_sum_formula'); + $request = request(); $msg = ''; $search = ''; @@ -25,16 +26,16 @@ function admin_active() $limit = ''; $set_active = ''; - if (isset($_REQUEST['search'])) { + if ($request->has('search')) { $search = strip_request_item('search'); } - $show_all_shifts = isset($_REQUEST['show_all_shifts']); + $show_all_shifts = $request->has('show_all_shifts'); - if (isset($_REQUEST['set_active'])) { + if ($request->has('set_active')) { $valid = true; - if (isset($_REQUEST['count']) && preg_match('/^\d+$/', $_REQUEST['count'])) { + if ($request->has('count') && preg_match('/^\d+$/', $request->input('count'))) { $count = strip_request_item('count'); if ($count < $forced_count) { error(sprintf( @@ -51,7 +52,7 @@ function admin_active() if ($valid) { $limit = ' LIMIT ' . $count; } - if (isset($_REQUEST['ack'])) { + if ($request->has('ack')) { DB::update('UPDATE `User` SET `Aktiv` = 0 WHERE `Tshirt` = 0'); $users = DB::select(sprintf(' SELECT @@ -89,8 +90,8 @@ function admin_active() } } - if (isset($_REQUEST['active']) && preg_match('/^\d+$/', $_REQUEST['active'])) { - $user_id = $_REQUEST['active']; + if ($request->has('active') && preg_match('/^\d+$/', $request->input('active'))) { + $user_id = $request->input('active'); $user_source = User($user_id); if ($user_source != null) { DB::update('UPDATE `User` SET `Aktiv`=1 WHERE `UID`=? LIMIT 1', [$user_id]); @@ -99,8 +100,8 @@ function admin_active() } else { $msg = error(_('Angel not found.'), true); } - } elseif (isset($_REQUEST['not_active']) && preg_match('/^\d+$/', $_REQUEST['not_active'])) { - $user_id = $_REQUEST['not_active']; + } elseif ($request->has('not_active') && preg_match('/^\d+$/', $request->input('not_active'))) { + $user_id = $request->input('not_active'); $user_source = User($user_id); if ($user_source != null) { DB::update('UPDATE `User` SET `Aktiv`=0 WHERE `UID`=? LIMIT 1', [$user_id]); @@ -109,8 +110,8 @@ function admin_active() } else { $msg = error(_('Angel not found.'), true); } - } elseif (isset($_REQUEST['tshirt']) && preg_match('/^\d+$/', $_REQUEST['tshirt'])) { - $user_id = $_REQUEST['tshirt']; + } elseif ($request->has('tshirt') && preg_match('/^\d+$/', $request->input('tshirt'))) { + $user_id = $request->input('tshirt'); $user_source = User($user_id); if ($user_source != null) { DB::update('UPDATE `User` SET `Tshirt`=1 WHERE `UID`=? LIMIT 1', [$user_id]); @@ -119,8 +120,8 @@ function admin_active() } else { $msg = error('Angel not found.', true); } - } elseif (isset($_REQUEST['not_tshirt']) && preg_match('/^\d+$/', $_REQUEST['not_tshirt'])) { - $user_id = $_REQUEST['not_tshirt']; + } elseif ($request->has('not_tshirt') && preg_match('/^\d+$/', $request->input('not_tshirt'))) { + $user_id = $request->input('not_tshirt'); $user_source = User($user_id); if ($user_source != null) { DB::update('UPDATE `User` SET `Tshirt`=0 WHERE `UID`=? LIMIT 1', [$user_id]); diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php index 77155dae..ebeccb8c 100644 --- a/includes/pages/admin_arrive.php +++ b/includes/pages/admin_arrive.php @@ -17,12 +17,14 @@ function admin_arrive() { $msg = ''; $search = ''; - if (isset($_REQUEST['search'])) { + $request = request(); + + if ($request->has('search')) { $search = strip_request_item('search'); } - if (isset($_REQUEST['reset']) && preg_match('/^\d*$/', $_REQUEST['reset'])) { - $user_id = $_REQUEST['reset']; + if ($request->has('reset') && preg_match('/^\d*$/', $request->input('reset'))) { + $user_id = $request->input('reset'); $user_source = User($user_id); if ($user_source != null) { DB::update(' @@ -37,8 +39,8 @@ function admin_arrive() } else { $msg = error(_('Angel not found.'), true); } - } elseif (isset($_REQUEST['arrived']) && preg_match('/^\d*$/', $_REQUEST['arrived'])) { - $user_id = $_REQUEST['arrived']; + } elseif ($request->has('arrived') && preg_match('/^\d*$/', $request->input('arrived'))) { + $user_id = $request->input('arrived'); $user_source = User($user_id); if ($user_source != null) { DB::update(' diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php index daaead22..ebf227a4 100644 --- a/includes/pages/admin_free.php +++ b/includes/pages/admin_free.php @@ -16,20 +16,20 @@ function admin_free_title() function admin_free() { global $privileges; + $request = request(); $search = ''; - if (isset($_REQUEST['search'])) { + if ($request->has('search')) { $search = strip_request_item('search'); } $angelTypeSearch = ''; - if (empty($_REQUEST['angeltype'])) { - $_REQUEST['angeltype'] = ''; - } else { + $angelType = $request->input('angeltype', ''); + if (!empty($angelType)) { $angelTypeSearch = ' INNER JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id` = ' - . DB::getPdo()->quote($_REQUEST['angeltype']) + . DB::getPdo()->quote($angelType) . ' AND `UserAngelTypes`.`user_id` = `User`.`UID`'; - if (isset($_REQUEST['confirmed_only'])) { + if ($request->has('confirmed_only')) { $angelTypeSearch .= ' AND `UserAngelTypes`.`confirm_user_id`'; } $angelTypeSearch .= ') '; @@ -105,10 +105,10 @@ function admin_free() form_text('search', _('Search'), $search) ]), div('col-md-4', [ - form_select('angeltype', _('Angeltype'), $angel_types, $_REQUEST['angeltype']) + form_select('angeltype', _('Angeltype'), $angel_types, $angelType) ]), div('col-md-2', [ - form_checkbox('confirmed_only', _('Only confirmed'), isset($_REQUEST['confirmed_only'])) + form_checkbox('confirmed_only', _('Only confirmed'), $request->has('confirmed_only')) ]), div('col-md-2', [ form_submit('submit', _('Search')) diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index 4011ccf1..c483a79d 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php @@ -16,8 +16,10 @@ function admin_groups_title() function admin_groups() { $html = ''; + $request = request(); $groups = DB::select('SELECT * FROM `Groups` ORDER BY `Name`'); - if (!isset($_REQUEST['action'])) { + + if (!$request->has('action')) { $groups_table = []; foreach ($groups as $group) { $privileges = DB::select(' @@ -51,10 +53,10 @@ function admin_groups() ], $groups_table) ]); } else { - switch ($_REQUEST['action']) { + switch ($request->input('action')) { case 'edit': - if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) { - $group_id = $_REQUEST['id']; + if ($request->has('id') && preg_match('/^-\d{1,11}$/', $request->input('id'))) { + $group_id = $request->input('id'); } else { return error('Incomplete call, missing Groups ID.', true); } @@ -99,21 +101,22 @@ function admin_groups() break; case 'save': - if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) { - $group_id = $_REQUEST['id']; + if ($request->has('id') && preg_match('/^-\d{1,11}$/', $request->input('id'))) { + $group_id = $request->input('id'); } else { return error('Incomplete call, missing Groups ID.', true); } $group = DB::select('SELECT * FROM `Groups` WHERE `UID`=? LIMIT 1', [$group_id]); - if (!is_array($_REQUEST['privileges'])) { - $_REQUEST['privileges'] = []; + $privileges = $request->get('privileges'); + if (!is_array($privileges)) { + $privileges = []; } if (!empty($group)) { $group = array_shift($group); DB::delete('DELETE FROM `GroupPrivileges` WHERE `group_id`=?', [$group_id]); $privilege_names = []; - foreach ($_REQUEST['privileges'] as $privilege) { + foreach ($privileges as $privilege) { if (preg_match('/^\d{1,}$/', $privilege)) { $group_privileges_source = DB::select( 'SELECT `name` FROM `Privileges` WHERE `id`=? LIMIT 1', diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php index 7a246b4b..3cbed9f9 100644 --- a/includes/pages/admin_import.php +++ b/includes/pages/admin_import.php @@ -15,21 +15,21 @@ function admin_import_title() */ function admin_import() { - global $rooms_import; - global $user; + global $rooms_import, $user; $html = ''; $import_dir = __DIR__ . '/../../import'; + $request = request(); $step = 'input'; if ( - isset($_REQUEST['step']) - && in_array($step, [ + $request->has('step') + && in_array($request->input('step'), [ 'input', 'check', 'import' ]) ) { - $step = $_REQUEST['step']; + $step = $request->input('step'); } if ($test_handle = @fopen($import_dir . '/tmp', 'w')) { @@ -57,25 +57,25 @@ function admin_import() case 'input': $valid = false; - if (isset($_REQUEST['submit'])) { + if ($request->has('submit')) { $valid = true; - if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { - $shifttype_id = $_REQUEST['shifttype_id']; + if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) { + $shifttype_id = $request->input('shifttype_id'); } else { $valid = false; error(_('Please select a shift type.')); } - if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { - $add_minutes_start = trim($_REQUEST['add_minutes_start']); + if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) { + $add_minutes_start = trim($request->input('add_minutes_start')); } else { $valid = false; error(_('Please enter an amount of minutes to add to a talk\'s begin.')); } - if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { - $add_minutes_end = trim($_REQUEST['add_minutes_end']); + if ($request->has('add_minutes_end') && is_numeric(trim($request->input('add_minutes_end')))) { + $add_minutes_end = trim($request->input('add_minutes_end')); } else { $valid = false; error(_('Please enter an amount of minutes to add to a talk\'s end.')); @@ -133,22 +133,22 @@ function admin_import() redirect(page_link_to('admin_import')); } - if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { - $shifttype_id = $_REQUEST['shifttype_id']; + if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) { + $shifttype_id = $request->input('shifttype_id'); } else { error(_('Please select a shift type.')); redirect(page_link_to('admin_import')); } - if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { - $add_minutes_start = trim($_REQUEST['add_minutes_start']); + if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) { + $add_minutes_start = trim($request->input('add_minutes_start')); } else { error(_('Please enter an amount of minutes to add to a talk\'s begin.')); redirect(page_link_to('admin_import')); } - if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { - $add_minutes_end = trim($_REQUEST['add_minutes_end']); + if ($request->has('add_minutes_end') && is_numeric(trim($request->input(('add_minutes_end'))))) { + $add_minutes_end = trim($request->input('add_minutes_end')); } else { error(_('Please enter an amount of minutes to add to a talk\'s end.')); redirect(page_link_to('admin_import')); @@ -227,22 +227,22 @@ function admin_import() redirect(page_link_to('admin_import')); } - if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { - $shifttype_id = $_REQUEST['shifttype_id']; + if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) { + $shifttype_id = $request->input('shifttype_id'); } else { error(_('Please select a shift type.')); redirect(page_link_to('admin_import')); } - if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { - $add_minutes_start = trim($_REQUEST['add_minutes_start']); + if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) { + $add_minutes_start = trim($request->input('add_minutes_start')); } else { error(_('Please enter an amount of minutes to add to a talk\'s begin.')); redirect(page_link_to('admin_import')); } - if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { - $add_minutes_end = trim($_REQUEST['add_minutes_end']); + if ($request->has('add_minutes_end') && is_numeric(trim($request->input('add_minutes_end')))) { + $add_minutes_end = trim($request->input('add_minutes_end')); } else { error(_('Please enter an amount of minutes to add to a talk\'s end.')); redirect(page_link_to('admin_import')); diff --git a/includes/pages/admin_log.php b/includes/pages/admin_log.php index 9e5e5827..03c9abb0 100644 --- a/includes/pages/admin_log.php +++ b/includes/pages/admin_log.php @@ -14,7 +14,7 @@ function admin_log_title() function admin_log() { $filter = ''; - if (isset($_REQUEST['keyword'])) { + if (request()->has('keyword')) { $filter = strip_request_item('keyword'); } $log_entries_source = LogEntries_filter($filter); diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index bc242831..7f8ca1ba 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php @@ -8,14 +8,15 @@ use Engelsystem\Database\DB; function admin_news() { global $user; + $request = request(); - if (!isset($_GET['action'])) { + if (!$request->has('action')) { redirect(page_link_to('news')); } $html = '