Mercurial > hg > fapweb
changeset 758:3b973041f6bb
Few fixes to entry data validation.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Thu, 20 Nov 2014 09:19:16 +0200 |
parents | 3622720909c4 |
children | 3069a13e78dd |
files | admajax.php |
diffstat | 1 files changed, 13 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/admajax.php Thu Nov 20 09:03:33 2014 +0200 +++ b/admajax.php Thu Nov 20 09:19:16 2014 +0200 @@ -82,15 +82,23 @@ array(CHK_TYPE, VT_TEXT, "Invalid data."), array(CHK_LTEQ, VT_STR, SET_LEN_ENTRY_INFO, "Entry info too long.")); - stChkRequestItemFail("preview_type", $fake, $res, - array(CHK_TYPE, VT_INT, "Invalid data."), - array(CHK_RANGE, VT_INT, array(EPREV_NONE, EPREV_AUDIO), "Invalid preview type value.")); + if ($full) + { + stChkRequestItemFail("preview_type", $fake, $res, + array(CHK_TYPE, VT_INT, "Invalid data."), + array(CHK_RANGE, VT_INT, array(EPREV_NONE, EPREV_AUDIO), "Invalid preview type value.")); + } break; case COMPO_POINTS: + stChkRequestItemFail("evalue", $fake, $res, + array(CHK_TYPE, VT_INT, "Invalid points, must be a integer.")); + break; + case COMPO_ASSIGN: stChkRequestItemFail("evalue", $fake, $res, - array(CHK_TYPE, VT_INT, "Invalid evalue.")); + array(CHK_TYPE, VT_INT, "Invalid position, must be a integer."), + array(CHK_GTEQ, VT_INT, 1, "Invalid position, must be > 0.")); break; } @@ -1581,7 +1589,7 @@ if (($compo = stFetchSQL(stPrepareSQL("SELECT * FROM compos WHERE id=%D", "compo_id"))) === FALSE) stError("No such compo ID."); else - if (stValidateRequestEntryData($cfake, TRUE, $compo["ctype"])) + if (stValidateRequestEntryData($cfake, FALSE, $compo["ctype"])) { switch ($compo["ctype"]) {