diff options
| author | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2005-10-24 05:20:19 +0000 |
|---|---|---|
| committer | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2005-10-24 05:20:19 +0000 |
| commit | 9a1e779bc865fddde2adc39dde378f0a0439594a (patch) | |
| tree | 472789ea587b232cb705de4a9f9783002a169566 /frontends/php/users.php | |
| parent | b9e14335fe68cdd6251239883f141a0e0556ac6b (diff) | |
- all $_GET and $_POST replaced by $_REQUEST. Thanks to James Wells. (Alexei)
git-svn-id: svn://svn.zabbix.com/trunk@2215 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php/users.php')
| -rw-r--r-- | frontends/php/users.php | 88 |
1 files changed, 44 insertions, 44 deletions
diff --git a/frontends/php/users.php b/frontends/php/users.php index fe68f2cf..9089a125 100644 --- a/frontends/php/users.php +++ b/frontends/php/users.php @@ -37,8 +37,8 @@ exit; } - $_GET["config"]=@iif(isset($_GET["config"]),$_GET["config"],get_profile("web.users.config",0)); - update_profile("web.users.config",$_GET["config"]); + $_REQUEST["config"]=@iif(isset($_REQUEST["config"]),$_REQUEST["config"],get_profile("web.users.config",0)); + update_profile("web.users.config",$_REQUEST["config"]); ?> <?php @@ -46,91 +46,91 @@ ?> <?php - if(isset($_GET["register"])) + if(isset($_REQUEST["register"])) { - if($_GET["register"]=="add") + if($_REQUEST["register"]=="add") { - if($_GET["password1"]==$_GET["password2"]) + if($_REQUEST["password1"]==$_REQUEST["password2"]) { - $result=add_user($_GET["name"],$_GET["surname"],$_GET["alias"],$_GET["password1"],$_GET["url"],$_GET["autologout"],$_GET["lang"]); + $result=add_user($_REQUEST["name"],$_REQUEST["surname"],$_REQUEST["alias"],$_REQUEST["password1"],$_REQUEST["url"],$_REQUEST["autologout"],$_REQUEST["lang"]); show_messages($result, S_USER_ADDED, S_CANNOT_ADD_USER); if($result) - add_audit(AUDIT_ACTION_ADD,AUDIT_RESOURCE_USER,"User alias [".addslashes($_GET["alias"])."] name [".addslashes($_GET["name"])."] surname [".addslashes($_GET["surname"])."]]"); + add_audit(AUDIT_ACTION_ADD,AUDIT_RESOURCE_USER,"User alias [".addslashes($_REQUEST["alias"])."] name [".addslashes($_REQUEST["name"])."] surname [".addslashes($_REQUEST["surname"])."]]"); } else { show_error_message(S_CANNOT_ADD_USER_BOTH_PASSWORDS_MUST); } } - if($_GET["register"]=="delete") + if($_REQUEST["register"]=="delete") { - $user=get_user_by_userid($_GET["userid"]); - $result=delete_user($_GET["userid"]); + $user=get_user_by_userid($_REQUEST["userid"]); + $result=delete_user($_REQUEST["userid"]); show_messages($result, S_USER_DELETED, S_CANNOT_DELETE_USER); if($result) add_audit(AUDIT_ACTION_DELETE,AUDIT_RESOURCE_USER,"User alias [".$user["alias"]."] name [".$user["name"]."] surname [".$user["surname"]."]"); unset($userid); } - if($_GET["register"]=="delete_permission") + if($_REQUEST["register"]=="delete_permission") { - $result=delete_permission($_GET["rightid"]); + $result=delete_permission($_REQUEST["rightid"]); show_messages($result, S_PERMISSION_DELETED, S_CANNOT_DELETE_PERMISSION); unset($rightid); } - if($_GET["register"]=="add permission") + if($_REQUEST["register"]=="add permission") { - $result=add_permission($_GET["userid"],$_GET["right"],$_GET["permission"],$_GET["id"]); + $result=add_permission($_REQUEST["userid"],$_REQUEST["right"],$_REQUEST["permission"],$_REQUEST["id"]); show_messages($result, S_PERMISSION_ADDED, S_CANNOT_ADD_PERMISSION); } - if($_GET["register"]=="update") + if($_REQUEST["register"]=="update") { - if($_GET["password1"]==$_GET["password2"]) + if($_REQUEST["password1"]==$_REQUEST["password2"]) { - $result=update_user($_GET["userid"],$_GET["name"],$_GET["surname"],$_GET["alias"],$_GET["password1"],$_GET["url"],$_GET["autologout"],$_GET["lang"]); + $result=update_user($_REQUEST["userid"],$_REQUEST["name"],$_REQUEST["surname"],$_REQUEST["alias"],$_REQUEST["password1"],$_REQUEST["url"],$_REQUEST["autologout"],$_REQUEST["lang"]); show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER); if($result) - add_audit(AUDIT_ACTION_UPDATE,AUDIT_RESOURCE_USER,"User alias [".addslashes($_GET["alias"])."] name [".addslashes($_GET["name"])."] surname [".addslashes($_GET["surname"])."]]"); + add_audit(AUDIT_ACTION_UPDATE,AUDIT_RESOURCE_USER,"User alias [".addslashes($_REQUEST["alias"])."] name [".addslashes($_REQUEST["name"])."] surname [".addslashes($_REQUEST["surname"])."]]"); } else { show_error_message(S_CANNOT_UPDATE_USER_BOTH_PASSWORDS); } } - if($_GET["register"]=="add group") + if($_REQUEST["register"]=="add group") { $users=array(); $result=DBselect("select userid from users"); while($row=DBfetch($result)) { - if(isset($_GET[$row["userid"]])) + if(isset($_REQUEST[$row["userid"]])) { $users=array_merge($users,array($row["userid"])); } } -// $result=add_user_group($_GET["name"], $_GET["users"]); - $result=add_user_group($_GET["name"], $users); +// $result=add_user_group($_REQUEST["name"], $_REQUEST["users"]); + $result=add_user_group($_REQUEST["name"], $users); show_messages($result, S_GROUP_ADDED, S_CANNOT_ADD_GROUP); } - if($_GET["register"]=="update group") + if($_REQUEST["register"]=="update group") { $users=array(); $result=DBselect("select userid from users"); while($row=DBfetch($result)) { - if(isset($_GET[$row["userid"]])) + if(isset($_REQUEST[$row["userid"]])) { $users=array_merge($users,array($row["userid"])); } } -// $result=update_user_group($_GET["usrgrpid"], $_GET["name"], $_GET["users"]); - $result=update_user_group($_GET["usrgrpid"], $_GET["name"], $users); +// $result=update_user_group($_REQUEST["usrgrpid"], $_REQUEST["name"], $_REQUEST["users"]); + $result=update_user_group($_REQUEST["usrgrpid"], $_REQUEST["name"], $users); show_messages($result, S_GROUP_UPDATED, S_CANNOT_UPDATE_GROUP); } - if($_GET["register"]=="delete group") + if($_REQUEST["register"]=="delete group") { - $result=delete_user_group($_GET["usrgrpid"]); + $result=delete_user_group($_REQUEST["usrgrpid"]); show_messages($result, S_GROUP_DELETED, S_CANNOT_DELETE_GROUP); - unset($_GET["usrgrpid"]); + unset($_REQUEST["usrgrpid"]); } } ?> @@ -139,9 +139,9 @@ ?> <?php - if(!isset($_GET["config"])) + if(!isset($_REQUEST["config"])) { - $_GET["config"]=0; + $_REQUEST["config"]=0; } $h1=S_CONFIGURATION_OF_USERS_AND_USER_GROUPS; @@ -157,7 +157,7 @@ ?> <?php - if($_GET["config"]==1) + if($_REQUEST["config"]==1) { echo "<br>"; show_table_header(S_USER_GROUPS_BIG); @@ -182,7 +182,7 @@ $users=$users.", "; } } - $actions="<A HREF=\"users.php?config=".$_GET["config"]."&usrgrpid=".$row["usrgrpid"]."#form\">".S_CHANGE."</A>"; + $actions="<A HREF=\"users.php?config=".$_REQUEST["config"]."&usrgrpid=".$row["usrgrpid"]."#form\">".S_CHANGE."</A>"; table_row(array( $row["usrgrpid"], $row["name"], @@ -201,7 +201,7 @@ ?> <?php - if($_GET["config"]==0) + if($_REQUEST["config"]==0) { echo "<br>"; show_table_header(S_USERS_BIG); @@ -229,11 +229,11 @@ { if(get_media_count_by_userid($row["userid"])>0) { - $actions="<A HREF=\"users.php?register=change&config=".$_GET["config"]."&userid=".$row["userid"]."#form\">".S_CHANGE."</A> :: <A HREF=\"media.php?userid=".$row["userid"]."\"><b>M</b>edia</A>"; + $actions="<A HREF=\"users.php?register=change&config=".$_REQUEST["config"]."&userid=".$row["userid"]."#form\">".S_CHANGE."</A> :: <A HREF=\"media.php?userid=".$row["userid"]."\"><b>M</b>edia</A>"; } else { - $actions="<A HREF=\"users.php?register=change&config=".$_GET["config"]."&userid=".$row["userid"]."#form\">".S_CHANGE."</A> :: <A HREF=\"media.php?userid=".$row["userid"]."\">".S_MEDIA."</A>"; + $actions="<A HREF=\"users.php?register=change&config=".$_REQUEST["config"]."&userid=".$row["userid"]."#form\">".S_CHANGE."</A> :: <A HREF=\"media.php?userid=".$row["userid"]."\">".S_MEDIA."</A>"; } } else @@ -261,14 +261,14 @@ ?> <?php - if(isset($_GET["userid"])&&($_GET["config"]==0)) + if(isset($_REQUEST["userid"])&&($_REQUEST["config"]==0)) { echo "<a name=\"form\"></a>"; show_table_header("USER PERMISSIONS"); table_begin(); table_header(array(S_PERMISSION,S_RIGHT,S_RESOURCE_NAME,S_ACTIONS)); - $result=DBselect("select rightid,name,permission,id from rights where userid=".$_GET["userid"]." order by name,permission,id"); + $result=DBselect("select rightid,name,permission,id from rights where userid=".$_REQUEST["userid"]." order by name,permission,id"); $col=0; while($row=DBfetch($result)) { @@ -292,7 +292,7 @@ { $permission=$row["permission"]; } - $actions="<A HREF=users.php?userid=".$_GET["userid"]."&rightid=".$row["rightid"]."®ister=delete_permission>".S_DELETE."</A>"; + $actions="<A HREF=users.php?userid=".$_REQUEST["userid"]."&rightid=".$row["rightid"]."®ister=delete_permission>".S_DELETE."</A>"; table_row(array( $row["name"], $permission, @@ -302,20 +302,20 @@ } table_end(); - insert_permissions_form($_GET["userid"]); + insert_permissions_form($_REQUEST["userid"]); } ?> <?php - if($_GET["config"]==1) + if($_REQUEST["config"]==1) { - @insert_usergroups_form($_GET["usrgrpid"]); + @insert_usergroups_form($_REQUEST["usrgrpid"]); } - if($_GET["config"]==0) + if($_REQUEST["config"]==0) { - @insert_user_form($_GET["userid"]); + @insert_user_form($_REQUEST["userid"]); } ?> |