Replaced [0-9] with \d

main
Bot 8 years ago committed by Igor Scheller
parent 915ce28fee
commit 740026a9de

@ -12,7 +12,7 @@ function shift_entry_add_controller()
global $privileges, $user;
$shift_id = 0;
if (isset($_REQUEST['shift_id']) && preg_match('/^[0-9]*$/', $_REQUEST['shift_id'])) {
if (isset($_REQUEST['shift_id']) && preg_match('/^\d*$/', $_REQUEST['shift_id'])) {
$shift_id = $_REQUEST['shift_id'];
} else {
redirect(page_link_to('user_shifts'));
@ -32,7 +32,7 @@ function shift_entry_add_controller()
}
$type_id = 0;
if (isset($_REQUEST['type_id']) && preg_match('/^[0-9]*$/', $_REQUEST['type_id'])) {
if (isset($_REQUEST['type_id']) && preg_match('/^\d*$/', $_REQUEST['type_id'])) {
$type_id = $_REQUEST['type_id'];
} else {
redirect(page_link_to('user_shifts'));
@ -64,7 +64,7 @@ function shift_entry_add_controller()
if (
isset($_REQUEST['user_id'])
&& preg_match('/^[0-9]*$/', $_REQUEST['user_id'])
&& preg_match('/^\d*$/', $_REQUEST['user_id'])
&& (
in_array('user_shifts_admin', $privileges)
|| in_array('shiftentry_edit_angeltype_supporter', $privileges)
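Review bot: The checks on `shift_id`, `type_id` and `user_id` still accept an empty string and a value ending in a single newline, because `*` allows zero digits and `$` without the `D` modifier also matches before a final `\n`; the request value is then assigned unchanged. Since the commit rewrites each of these patterns anyway, `/^\d+\z/` would make them mean "a non-empty digit string". Without the `u` modifier `\d` stays ASCII-only, so the substitution itself is equivalent here. The same `/^\d*$/` form appears in shift_delete_controller, admin_arrive, user_myshifts and test_request_int further down this page. These three hunks show only parts of shift_entry_add_controller, so how the values are used afterwards is not visible.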

@ -78,7 +78,7 @@ function shift_edit_controller()
$title = strip_request_item('title');
// Auswahl der sichtbaren Locations für die Schichten
if (isset($_REQUEST['rid']) && preg_match('/^[0-9]+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
if (isset($_REQUEST['rid']) && preg_match('/^\d+$/', $_REQUEST['rid']) && isset($room[$_REQUEST['rid']])) {
$rid = $_REQUEST['rid'];
} else {
$valid = false;
@ -192,7 +192,7 @@ function shift_delete_controller()
}
// Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg)
if (!isset($_REQUEST['delete_shift']) || !preg_match('/^[0-9]*$/', $_REQUEST['delete_shift'])) {
if (!isset($_REQUEST['delete_shift']) || !preg_match('/^\d*$/', $_REQUEST['delete_shift'])) {
redirect(page_link_to('user_shifts'));
}
$shift_id = $_REQUEST['delete_shift'];
@ -360,7 +360,7 @@ function shifts_json_export_controller()
{
global $user;
if (!isset($_REQUEST['key']) || !preg_match('/^[0-9a-f]{32}$/', $_REQUEST['key'])) {
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
engelsystem_error('Missing key.');
}

@ -79,7 +79,7 @@ function shifttype_edit_controller()
error(_('Please enter a name.'));
}
if (isset($_REQUEST['angeltype_id']) && preg_match('/^[0-9]+$/', $_REQUEST['angeltype_id'])) {
if (isset($_REQUEST['angeltype_id']) && preg_match('/^\d+$/', $_REQUEST['angeltype_id'])) {
$angeltype_id = $_REQUEST['angeltype_id'];
} else {
$angeltype_id = null;

@ -41,7 +41,7 @@ function Message_send($receiver_user_id, $text)
global $user;
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
$receiver_user_id = preg_replace('/([^0-9]{1,})/ui', '', strip_tags($receiver_user_id));
$receiver_user_id = preg_replace('/([^\d]{1,})/ui', '', strip_tags($receiver_user_id));
if (
($text != '' && is_numeric($receiver_user_id))
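Review bot: `[^\d]` is not equivalent to `[^0-9]` on the `$receiver_user_id` line, because this pattern carries the `u` modifier. PHP compiles `u` patterns with Unicode character properties enabled, so `\d` matches every Unicode decimal digit and non-ASCII digits are no longer stripped. The `is_numeric()` test on the next line should still reject such a value, so the visible effect is limited, but the sanitiser now removes less than it did. Keeping the explicit class and dropping the modifiers it does not need, `preg_replace('/[^0-9]+/', '', strip_tags($receiver_user_id))`, preserves the old behaviour. The rest of Message_send is outside the hunk.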

@ -33,7 +33,7 @@ function admin_active()
if (isset($_REQUEST['set_active'])) {
$valid = true;
if (isset($_REQUEST['count']) && preg_match('/^[0-9]+$/', $_REQUEST['count'])) {
if (isset($_REQUEST['count']) && preg_match('/^\d+$/', $_REQUEST['count'])) {
$count = strip_request_item('count');
if ($count < $forced_count) {
error(sprintf(
@ -89,7 +89,7 @@ function admin_active()
}
}
if (isset($_REQUEST['active']) && preg_match('/^[0-9]+$/', $_REQUEST['active'])) {
if (isset($_REQUEST['active']) && preg_match('/^\d+$/', $_REQUEST['active'])) {
$user_id = $_REQUEST['active'];
$user_source = User($user_id);
if ($user_source != null) {
@ -99,7 +99,7 @@ function admin_active()
} else {
$msg = error(_('Angel not found.'), true);
}
} elseif (isset($_REQUEST['not_active']) && preg_match('/^[0-9]+$/', $_REQUEST['not_active'])) {
} elseif (isset($_REQUEST['not_active']) && preg_match('/^\d+$/', $_REQUEST['not_active'])) {
$user_id = $_REQUEST['not_active'];
$user_source = User($user_id);
if ($user_source != null) {
@ -109,7 +109,7 @@ function admin_active()
} else {
$msg = error(_('Angel not found.'), true);
}
} elseif (isset($_REQUEST['tshirt']) && preg_match('/^[0-9]+$/', $_REQUEST['tshirt'])) {
} elseif (isset($_REQUEST['tshirt']) && preg_match('/^\d+$/', $_REQUEST['tshirt'])) {
$user_id = $_REQUEST['tshirt'];
$user_source = User($user_id);
if ($user_source != null) {
@ -119,7 +119,7 @@ function admin_active()
} else {
$msg = error('Angel not found.', true);
}
} elseif (isset($_REQUEST['not_tshirt']) && preg_match('/^[0-9]+$/', $_REQUEST['not_tshirt'])) {
} elseif (isset($_REQUEST['not_tshirt']) && preg_match('/^\d+$/', $_REQUEST['not_tshirt'])) {
$user_id = $_REQUEST['not_tshirt'];
$user_source = User($user_id);
if ($user_source != null) {

@ -21,7 +21,7 @@ function admin_arrive()
$search = strip_request_item('search');
}
if (isset($_REQUEST['reset']) && preg_match('/^[0-9]*$/', $_REQUEST['reset'])) {
if (isset($_REQUEST['reset']) && preg_match('/^\d*$/', $_REQUEST['reset'])) {
$user_id = $_REQUEST['reset'];
$user_source = User($user_id);
if ($user_source != null) {
@ -37,7 +37,7 @@ function admin_arrive()
} else {
$msg = error(_('Angel not found.'), true);
}
} elseif (isset($_REQUEST['arrived']) && preg_match('/^[0-9]*$/', $_REQUEST['arrived'])) {
} elseif (isset($_REQUEST['arrived']) && preg_match('/^\d*$/', $_REQUEST['arrived'])) {
$user_id = $_REQUEST['arrived'];
$user_source = User($user_id);
if ($user_source != null) {

@ -53,7 +53,7 @@ function admin_groups()
} else {
switch ($_REQUEST['action']) {
case 'edit':
if (isset($_REQUEST['id']) && preg_match('/^-[0-9]{1,11}$/', $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
$group_id = $_REQUEST['id'];
} else {
return error('Incomplete call, missing Groups ID.', true);
@ -99,7 +99,7 @@ function admin_groups()
break;
case 'save':
if (isset($_REQUEST['id']) && preg_match('/^-[0-9]{1,11}$/', $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^-\d{1,11}$/', $_REQUEST['id'])) {
$group_id = $_REQUEST['id'];
} else {
return error('Incomplete call, missing Groups ID.', true);
@ -114,7 +114,7 @@ function admin_groups()
DB::delete('DELETE FROM `GroupPrivileges` WHERE `group_id`=?', [$group_id]);
$privilege_names = [];
foreach ($_REQUEST['privileges'] as $privilege) {
if (preg_match('/^[0-9]{1,}$/', $privilege)) {
if (preg_match('/^\d{1,}$/', $privilege)) {
$group_privileges_source = DB::select(
'SELECT `name` FROM `Privileges` WHERE `id`=? LIMIT 1',
[$privilege]
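Review bot: In the `save` branch, `$_REQUEST['privileges']` is iterated without checking that it is present and an array, and each `$privilege` goes to `preg_match()` without checking that it is a string. This happens after the `DELETE FROM GroupPrivileges` statement has already run, so a request that omits the field, or sends a scalar or nested array, removes the group's privileges and then fails with a warning or type error rather than a clean validation message. If an empty selection is meant to be valid, normalise first with `$requested = (array)($_REQUEST['privileges'] ?? []);` and skip entries where `!is_string($privilege)`. The `\d{1,}` pattern is equivalent to the old one; `/^\d+\z/` would also reject a trailing newline. The loop body continues outside the hunk.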

@ -14,7 +14,7 @@ function admin_news()
}
$html = '<div class="col-md-12"><h1>' . _('Edit news entry') . '</h1>' . msg();
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$news_id = $_REQUEST['id'];
} else {
return error('Incomplete call, missing News ID.', true);

@ -98,7 +98,7 @@ function admin_questions()
} else {
switch ($_REQUEST['action']) {
case 'answer':
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$question_id = $_REQUEST['id'];
} else {
return error('Incomplete call, missing Question ID.', true);
@ -139,7 +139,7 @@ function admin_questions()
}
break;
case 'delete':
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$question_id = $_REQUEST['id'];
} else {
return error('Incomplete call, missing Question ID.', true);

@ -112,7 +112,7 @@ function admin_rooms()
foreach ($angeltypes as $angeltype_id => $angeltype) {
if (
isset($_REQUEST['angeltype_count_' . $angeltype_id])
&& preg_match('/^[0-9]{1,4}$/', $_REQUEST['angeltype_count_' . $angeltype_id])
&& preg_match('/^\d{1,4}$/', $_REQUEST['angeltype_count_' . $angeltype_id])
) {
$angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id];
} else {

@ -72,7 +72,7 @@ function admin_shifts()
// Auswahl der sichtbaren Locations für die Schichten
if (
isset($_REQUEST['rid'])
&& preg_match('/^[0-9]+$/', $_REQUEST['rid'])
&& preg_match('/^\d+$/', $_REQUEST['rid'])
&& isset($room_array[$_REQUEST['rid']])
) {
$rid = $_REQUEST['rid'];
@ -105,7 +105,7 @@ function admin_shifts()
if ($_REQUEST['mode'] == 'single') {
$mode = 'single';
} elseif ($_REQUEST['mode'] == 'multi') {
if (isset($_REQUEST['length']) && preg_match('/^[0-9]+$/', trim($_REQUEST['length']))) {
if (isset($_REQUEST['length']) && preg_match('/^\d+$/', trim($_REQUEST['length']))) {
$mode = 'multi';
$length = trim($_REQUEST['length']);
} else {
@ -115,7 +115,7 @@ function admin_shifts()
} elseif ($_REQUEST['mode'] == 'variable') {
if (
isset($_REQUEST['change_hours'])
&& preg_match('/^([0-9]{2}(,|$))/', trim(str_replace(' ', '', $_REQUEST['change_hours'])))
&& preg_match('/^(\d{2}(,|$))/', trim(str_replace(' ', '', $_REQUEST['change_hours'])))
) {
$mode = 'variable';
$change_hours = array_map('trim', explode(',', $_REQUEST['change_hours']));
@ -137,7 +137,7 @@ function admin_shifts()
foreach ($types as $type) {
if (
isset($_REQUEST['type_' . $type['id']])
&& preg_match('/^[0-9]+$/', trim($_REQUEST['type_' . $type['id']]))
&& preg_match('/^\d+$/', trim($_REQUEST['type_' . $type['id']]))
) {
$needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]);
} else {
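Review bot: The `change_hours` check `/^(\d{2}(,|$))/` anchors only the first list element, so any text after the first two digits and comma passes validation. The check also runs on a space-stripped copy, while the `explode()` two lines below splits the raw request value. Validating the whole list on the same normalised string that is then split, for example `/^\d{2}(,\d{2})*\z/`, would make the check cover what is actually stored in `$change_hours`. The `rid`, `length` and `type_` patterns in this file are equivalent to the old ones. The enclosing branches of admin_shifts continue outside the hunks.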

@ -155,7 +155,7 @@ function guest_register()
if (isset($_REQUEST['prename'])) {
$preName = strip_request_item('prename');
}
if (isset($_REQUEST['age']) && preg_match('/^[0-9]{0,4}$/', $_REQUEST['age'])) {
if (isset($_REQUEST['age']) && preg_match('/^\d{0,4}$/', $_REQUEST['age'])) {
$age = strip_request_item('age');
}
if (isset($_REQUEST['tel'])) {

@ -9,7 +9,7 @@ function user_atom()
{
global $user, $display_news;
if (!isset($_REQUEST['key']) || !preg_match('/^[0-9a-f]{32}$/', $_REQUEST['key'])) {
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
engelsystem_error('Missing key.');
}
$key = $_REQUEST['key'];
@ -48,7 +48,7 @@ function make_atom_entries_from_news($news_entries)
<title>Engelsystem</title>
<id>' . $_SERVER['HTTP_HOST']
. htmlspecialchars(preg_replace(
'#[&?]key=[a-f0-9]{32}#',
'#[&?]key=[a-f\d]{32}#',
'',
$_SERVER['REQUEST_URI']
))
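Review bot: In make_atom_entries_from_news the `<id>` element concatenates `$_SERVER['HTTP_HOST']` outside the `htmlspecialchars()` call, so only the request URI is escaped and the client-supplied Host header is written into the feed XML unescaped. Escaping both parts together, `htmlspecialchars($_SERVER['HTTP_HOST'] . preg_replace(...))`, or taking the host name from configuration, would close that gap. The regex edits in this file (`[\da-f]`, `[a-f\d]`) are equivalent to the old classes because neither pattern uses the `u` modifier. The function body starts and ends outside the hunk.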

@ -7,7 +7,7 @@ function user_ical()
{
global $user;
if (!isset($_REQUEST['key']) || !preg_match('/^[0-9a-f]{32}$/', $_REQUEST['key'])) {
if (!isset($_REQUEST['key']) || !preg_match('/^[\da-f]{32}$/', $_REQUEST['key'])) {
engelsystem_error('Missing key.');
}
$key = $_REQUEST['key'];

@ -123,7 +123,7 @@ function user_messages()
} else {
switch ($_REQUEST['action']) {
case 'read':
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$message_id = $_REQUEST['id'];
} else {
return error(_('Incomplete call, missing Message ID.'), true);
@ -145,7 +145,7 @@ function user_messages()
break;
case 'delete':
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$message_id = $_REQUEST['id'];
} else {
return error(_('Incomplete call, missing Message ID.'), true);

@ -23,7 +23,7 @@ function user_myshifts()
if (
isset($_REQUEST['id'])
&& in_array('user_shifts_admin', $privileges)
&& preg_match('/^[0-9]{1,}$/', $_REQUEST['id'])
&& preg_match('/^\d{1,}$/', $_REQUEST['id'])
&& count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=?', [$_REQUEST['id']])) > 0
) {
$user_id = $_REQUEST['id'];
@ -47,7 +47,7 @@ function user_myshifts()
),
button(page_link_to('user_myshifts') . '&reset=ack', _('Continue'), 'btn-danger')
]);
} elseif (isset($_REQUEST['edit']) && preg_match('/^[0-9]*$/', $_REQUEST['edit'])) {
} elseif (isset($_REQUEST['edit']) && preg_match('/^\d*$/', $_REQUEST['edit'])) {
$user_id = $_REQUEST['edit'];
$shift = DB::select('
SELECT
@ -129,7 +129,7 @@ function user_myshifts()
} else {
redirect(page_link_to('user_myshifts'));
}
} elseif (isset($_REQUEST['cancel']) && preg_match('/^[0-9]*$/', $_REQUEST['cancel'])) {
} elseif (isset($_REQUEST['cancel']) && preg_match('/^\d*$/', $_REQUEST['cancel'])) {
$user_id = $_REQUEST['cancel'];
$shift = DB::select('
SELECT *

@ -35,7 +35,7 @@ function user_meetings()
$html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg();
if (isset($_REQUEST['page']) && preg_match('/^[0-9]{1,}$/', $_REQUEST['page'])) {
if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
$page = $_REQUEST['page'];
} else {
$page = 0;
@ -120,7 +120,7 @@ function user_news_comments()
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
if (
isset($_REQUEST['nid'])
&& preg_match('/^[0-9]{1,}$/', $_REQUEST['nid'])
&& preg_match('/^\d{1,}$/', $_REQUEST['nid'])
&& count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$_REQUEST['nid']])) > 0
) {
$nid = $_REQUEST['nid'];
@ -203,7 +203,7 @@ function user_news()
redirect(page_link_to('news'));
}
if (isset($_REQUEST['page']) && preg_match('/^[0-9]{1,}$/', $_REQUEST['page'])) {
if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) {
$page = $_REQUEST['page'];
} else {
$page = 0;

@ -56,7 +56,7 @@ function user_questions()
}
break;
case 'delete':
if (isset($_REQUEST['id']) && preg_match('/^[0-9]{1,11}$/', $_REQUEST['id'])) {
if (isset($_REQUEST['id']) && preg_match('/^\d{1,11}$/', $_REQUEST['id'])) {
$question_id = $_REQUEST['id'];
} else {
return error(_('Incomplete call, missing Question ID.'), true);

@ -164,7 +164,7 @@ function strip_request_item($name, $default_value = null)
function test_request_int($name)
{
if (isset($_REQUEST[$name])) {
return preg_match('/^[0-9]*$/', $_REQUEST[$name]);
return preg_match('/^\d*$/', $_REQUEST[$name]);
}
return false;
}

@ -30,7 +30,7 @@ if (!isset($_REQUEST['p'])) {
if (
isset($_REQUEST['p'])
&& preg_match('/^[a-z0-9_]*$/i', $_REQUEST['p'])
&& preg_match('/^\w*$/i', $_REQUEST['p'])
&& (
in_array($_REQUEST['p'], $free_pages)
|| (isset($privileges) && in_array($_REQUEST['p'], $privileges))
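Review bot: `/^\w*$/i` is not strictly the same class as `[a-z0-9_]`, and the `i` modifier is now redundant. Depending on the locale PCRE's character tables were built for, `\w` may also match bytes above 0x7F. The `in_array()` allow-list that follows is what actually constrains `p`, so the practical effect is probably nil, but for the page-routing parameter the explicit class states the intent more clearly. I would keep `preg_match('/^[a-z0-9_]+\z/i', $_REQUEST['p'])`, which also rejects the empty string and a trailing newline. The condition continues outside the hunk.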
