Prevent object serialization in session

main
Igor Scheller 6 years ago
parent d6c8f1a614
commit d93ace2eae

@ -48,7 +48,7 @@ class ShiftsFilter
* @param int[] $rooms
* @param int[] $types
*/
public function __construct($user_shifts_admin, $rooms, $types)
public function __construct($user_shifts_admin = false, $rooms = [], $types = [])
{
$this->rooms = $rooms;
$this->types = $types;
@ -62,6 +62,34 @@ class ShiftsFilter
}
}
/**
* @return array
*/
public function sessionExport()
{
return [
'userShiftsAdmin' => $this->userShiftsAdmin,
'filled' => $this->filled,
'rooms' => $this->rooms,
'types' => $this->types,
'startTime' => $this->startTime,
'endTime' => $this->endTime,
];
}
/**
* @param array $data
*/
public function sessionImport($data)
{
$this->userShiftsAdmin = $data['userShiftsAdmin'];
$this->filled = $data['filled'];
$this->rooms = $data['rooms'];
$this->types = $data['types'];
$this->startTime = $data['startTime'];
$this->endTime = $data['endTime'];
}
/**
* @return int unix timestamp
*/

@ -177,18 +177,19 @@ function view_user_shifts()
$rooms = load_rooms();
$types = load_types();
if (!$session->has('ShiftsFilter')) {
if (!$session->has('shifts-filter')) {
$room_ids = [
$rooms[0]['id']
];
$type_ids = array_map('get_ids_from_array', $types);
$shiftsFilter = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids);
$session->set('ShiftsFilter', $shiftsFilter);
$session->set('shifts-filter', $shiftsFilter->sessionExport());
}
/** @var ShiftsFilter $shiftsFilter */
$shiftsFilter = $session->get('ShiftsFilter');
$shiftsFilter = new ShiftsFilter();
$shiftsFilter->sessionImport($session->get('shifts-filter'));
update_ShiftsFilter($shiftsFilter, in_array('user_shifts_admin', $privileges), $days);
$session->set('shifts-filter', $shiftsFilter->sessionExport());
$shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter);

Loading…
Cancel
Save