From 28a09ed13e41ddbe5e30d63e92a1f5fb3395ef89 Mon Sep 17 00:00:00 2001
From: osmiy <osmiy@97f52cf1-0a1b-0410-bd0e-c28be96e8082>
Date: Mon, 23 Oct 2006 07:34:27 +0000
Subject:  - developed group permission system (Eugene)

git-svn-id: svn://svn.zabbix.com/trunk@3371 97f52cf1-0a1b-0410-bd0e-c28be96e8082
---
 frontends/php/include/validate.inc.php | 44 +++++++++++++++++++++-------------
 1 file changed, 27 insertions(+), 17 deletions(-)

(limited to 'frontends/php/include/validate.inc.php')

diff --git a/frontends/php/include/validate.inc.php b/frontends/php/include/validate.inc.php
index 39581101..dba4ffae 100644
--- a/frontends/php/include/validate.inc.php
+++ b/frontends/php/include/validate.inc.php
@@ -19,9 +19,9 @@
 **/
 ?>
 <?php
-	function unset_request($key)
+	function unset_request($key,$requester='unknown')
 	{
-//		SDI("unset: $key");
+//		SDI("unset [".$requester."]: $key");
 		unset($_REQUEST[$key]);
 	}
 
@@ -49,7 +49,7 @@
 	}
 
 	define("NOT_EMPTY","({}!='')&&");
-	define("DB_ID","({}>=0&&{}<=4294967295)&&");
+	define("DB_ID","({}>=0&&{}<=10000000000000000000)&&");
 
 //		VAR			TYPE	OPTIONAL FLAGS	VALIDATION	EXCEPTION
 
@@ -108,7 +108,7 @@
 		{
 			if(!isset($fields[$key]))
 			{
-				unset_request($key);
+				unset_request($key,'unset_not_in_list');
 			}
 		}
 	}
@@ -119,9 +119,9 @@
 		{
 			list($type,$opt,$flags,$validation,$exception)=$checks;
 
-			if(($flags&P_NZERO)&&(isset($_REQUEST[$field]))&&($_REQUEST[$field]==0))
+			if(($flags&P_NZERO)&&(isset($_REQUEST[$field]))&&(is_numeric($_REQUEST[$field]))&&($_REQUEST[$field]==0))
 			{
-				unset_request($field);
+				unset_request($field,'unset_if_zero');
 			}
 		}
 	}
@@ -135,7 +135,7 @@
 			
 			if(($flags&P_ACT)&&(isset($_REQUEST[$field])))
 			{
-				unset_request($field);
+				unset_request($field,'unset_action_vars');
 			}
 		}
 	}
@@ -144,7 +144,7 @@
 	{
 		foreach($_REQUEST as $key => $val)
 		{
-			unset_request($key);
+			unset_request($key,'unset_all');
 		}
 	}
 
@@ -250,7 +250,7 @@
 			if(!isset($_REQUEST[$field]))
 				return ZBX_VALID_OK;
 
-			unset_request($field);
+			unset_request($field,'O_NO');
 
 			if($flags&P_SYS)
 			{
@@ -300,9 +300,17 @@
 //		VAR			TYPE	OPTIONAL FLAGS	VALIDATION	EXCEPTION
 	$system_fields=array(
 		"sessionid"=>		array(T_ZBX_STR, O_OPT,	 P_SYS,	HEX(),NULL),
+		"switch_node"=>		array(T_ZBX_INT, O_OPT,	 P_SYS,	DB_ID,NULL),
 		"triggers_hash"=>	array(T_ZBX_STR, O_OPT,	 P_SYS,	NOT_EMPTY,NULL)
 	);
 
+	function	invalid_url()
+	{
+		unset_all();
+		show_error_message(S_INVALID_URL);
+		include_once "include/page_footer.php";
+	}
+	
 	function	check_fields(&$fields)
 	{
 
@@ -320,18 +328,20 @@
 
 		unset_not_in_list($fields);
 		unset_if_zero($fields);
-		if($err&ZBX_VALID_ERROR)
-		{
-			unset_all();
-			show_messages(FALSE, "", "Invalid URL");
-			show_page_footer();
-			exit;
-		}
 		if($err!=ZBX_VALID_OK)
 		{
 			unset_action_vars($fields);
 		}
-		show_infomsg();
+
+		$fields = null;
+		
+		if($err&ZBX_VALID_ERROR)
+		{
+			invalid_url();
+		}
+
+		show_messages();
+
 		return ($err==ZBX_VALID_OK ? 1 : 0);
 	}
 ?>
-- 
cgit