standardebooks/web
1
0
Fork 0
mirror of https://github.com/standardebooks/web.git synced 2025-07-13 18:11:52 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Define some constants to make HTTP input code less wordy

Browse source
This commit is contained in:
Alex Cabal 2024-05-12 12:29:30 -05:00
parent ee7c8343dd
commit 110c091a7b
36 changed files with 87 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

32
lib/Artwork.php
View file

@ -876,23 +876,23 @@ class Artwork{
$artwork = new Artwork();
$artwork->Artist = new Artist();
$artwork->Artist->Name = HttpInput::Str(HttpVariableSource::Post, 'artist-name');
$artwork->Artist->DeathYear = HttpInput::Int(HttpVariableSource::Post, 'artist-year-of-death');
$artwork->Artist->Name = HttpInput::Str(POST, 'artist-name');
$artwork->Artist->DeathYear = HttpInput::Int(POST, 'artist-year-of-death');
$artwork->Name = HttpInput::Str(HttpVariableSource::Post, 'artwork-name');
$artwork->CompletedYear = HttpInput::Int(HttpVariableSource::Post, 'artwork-year');
$artwork->CompletedYearIsCirca = HttpInput::Bool(HttpVariableSource::Post, 'artwork-year-is-circa') ?? false;
$artwork->Tags = HttpInput::Str(HttpVariableSource::Post, 'artwork-tags') ?? [];
$artwork->Status = ArtworkStatus::tryFrom(HttpInput::Str(HttpVariableSource::Post, 'artwork-status') ?? '') ?? ArtworkStatus::Unverified;
$artwork->EbookUrl = HttpInput::Str(HttpVariableSource::Post, 'artwork-ebook-url');
$artwork->IsPublishedInUs = HttpInput::Bool(HttpVariableSource::Post, 'artwork-is-published-in-us') ?? false;
$artwork->PublicationYear = HttpInput::Int(HttpVariableSource::Post, 'artwork-publication-year');
$artwork->PublicationYearPageUrl = HttpInput::Str(HttpVariableSource::Post, 'artwork-publication-year-page-url');
$artwork->CopyrightPageUrl = HttpInput::Str(HttpVariableSource::Post, 'artwork-copyright-page-url');
$artwork->ArtworkPageUrl = HttpInput::Str(HttpVariableSource::Post, 'artwork-artwork-page-url');
$artwork->MuseumUrl = HttpInput::Str(HttpVariableSource::Post, 'artwork-museum-url');
$artwork->Exception = HttpInput::Str(HttpVariableSource::Post, 'artwork-exception');
$artwork->Notes = HttpInput::Str(HttpVariableSource::Post, 'artwork-notes');
$artwork->Name = HttpInput::Str(POST, 'artwork-name');
$artwork->CompletedYear = HttpInput::Int(POST, 'artwork-year');
$artwork->CompletedYearIsCirca = HttpInput::Bool(POST, 'artwork-year-is-circa') ?? false;
$artwork->Tags = HttpInput::Str(POST, 'artwork-tags') ?? [];
$artwork->Status = ArtworkStatus::tryFrom(HttpInput::Str(POST, 'artwork-status') ?? '') ?? ArtworkStatus::Unverified;
$artwork->EbookUrl = HttpInput::Str(POST, 'artwork-ebook-url');
$artwork->IsPublishedInUs = HttpInput::Bool(POST, 'artwork-is-published-in-us') ?? false;
$artwork->PublicationYear = HttpInput::Int(POST, 'artwork-publication-year');
$artwork->PublicationYearPageUrl = HttpInput::Str(POST, 'artwork-publication-year-page-url');
$artwork->CopyrightPageUrl = HttpInput::Str(POST, 'artwork-copyright-page-url');
$artwork->ArtworkPageUrl = HttpInput::Str(POST, 'artwork-artwork-page-url');
$artwork->MuseumUrl = HttpInput::Str(POST, 'artwork-museum-url');
$artwork->Exception = HttpInput::Str(POST, 'artwork-exception');
$artwork->Notes = HttpInput::Str(POST, 'artwork-notes');
return $artwork;
}

6
lib/Constants.php
View file

@ -44,6 +44,12 @@ const ARTWORK_IMAGE_MINIMUM_HEIGHT = 300;
const CAPTCHA_IMAGE_HEIGHT = 72;
const CAPTCHA_IMAGE_WIDTH = 230;
// These are defined for convenience, so that getting HTTP input isn't so wordy
const GET = HttpVariableSource::Get;
const POST = HttpVariableSource::Post;
const SESSION = HttpVariableSource::Session;
const COOKIE = HttpVariableSource::Cookie;
define('NO_REPLY_EMAIL_ADDRESS', get_cfg_var('se.secrets.email.no_reply_address'));
define('ADMIN_EMAIL_ADDRESS', get_cfg_var('se.secrets.email.admin_address'));
define('EDITOR_IN_CHIEF_EMAIL_ADDRESS', get_cfg_var('se.secrets.email.editor_in_chief_address'));

7
lib/Session.php
View file

@ -1,9 +1,6 @@
<?
use Exceptions\InvalidLoginException;
use Exceptions\PasswordRequiredException;
use Ramsey\Uuid\Uuid;
use Safe\DateTimeImmutable;
use Safe\Exceptions\DatetimeException;
use function Safe\strtotime;
@ -76,12 +73,12 @@ class Session{
self::SetSessionCookie($this->SessionId);
}
catch(Exceptions\UserNotFoundException){
throw new InvalidLoginException();
throw new Exceptions\InvalidLoginException();
}
}
public static function GetLoggedInUser(): ?User{
$sessionId = HttpInput::Str(HttpVariableSource::Cookie, 'sessionid');
$sessionId = HttpInput::Str(COOKIE, 'sessionid');
if($sessionId !== null){
$result = Db::Query('

2
www/artists/get.php
View file

@ -14,7 +14,7 @@ if($isSubmitterView){
}
try{
$artworks = Library::GetArtworksByArtist(HttpInput::Str(HttpVariableSource::Get, 'artist-url-name'), $filterArtworkStatus, $submitterUserId);
$artworks = Library::GetArtworksByArtist(HttpInput::Str(GET, 'artist-url-name'), $filterArtworkStatus, $submitterUserId);
if(sizeof($artworks) == 0){
throw new Exceptions\ArtistNotFoundException();

2
www/artworks/edit.php
View file

@ -13,7 +13,7 @@ try{
}
if($artwork === null){
$artwork = Artwork::GetByUrl(HttpInput::Str(HttpVariableSource::Get, 'artist-url-name'), HttpInput::Str(HttpVariableSource::Get, 'artwork-url-name'));
$artwork = Artwork::GetByUrl(HttpInput::Str(GET, 'artist-url-name'), HttpInput::Str(GET, 'artwork-url-name'));
}
if(!$artwork->CanBeEditedBy($GLOBALS['User'])){

4
www/artworks/get.php
View file

@ -3,11 +3,11 @@ use function Safe\session_unset;
session_start();
$saved = HttpInput::Bool(HttpVariableSource::Session, 'artwork-saved') ?? false;
$saved = HttpInput::Bool(SESSION, 'artwork-saved') ?? false;
$exception = $_SESSION['exception'] ?? null;
try{
$artwork = Artwork::GetByUrl(HttpInput::Str(HttpVariableSource::Get, 'artist-url-name'), HttpInput::Str(HttpVariableSource::Get, 'artwork-url-name'));
$artwork = Artwork::GetByUrl(HttpInput::Str(GET, 'artist-url-name'), HttpInput::Str(GET, 'artwork-url-name'));
$isReviewerView = $GLOBALS['User']->Benefits->CanReviewArtwork ?? false;
$isAdminView = $GLOBALS['User']->Benefits->CanReviewOwnArtwork ?? false;

12
www/artworks/index.php
View file

@ -1,11 +1,11 @@
<?
$page = HttpInput::Int(HttpVariableSource::Get, 'page') ?? 1;
$perPage = HttpInput::Int(HttpVariableSource::Get, 'per-page') ?? ARTWORK_PER_PAGE;
$query = HttpInput::Str(HttpVariableSource::Get, 'query');
$queryEbookUrl = HttpInput::Str(HttpVariableSource::Get, 'query-ebook-url');
$status = HttpInput::Str(HttpVariableSource::Get, 'status');
$page = HttpInput::Int(GET, 'page') ?? 1;
$perPage = HttpInput::Int(GET, 'per-page') ?? ARTWORK_PER_PAGE;
$query = HttpInput::Str(GET, 'query');
$queryEbookUrl = HttpInput::Str(GET, 'query-ebook-url');
$status = HttpInput::Str(GET, 'status');
$filterArtworkStatus = $status;
$sort = ArtworkSort::tryFrom(HttpInput::Str(HttpVariableSource::Get, 'sort') ?? '');
$sort = ArtworkSort::tryFrom(HttpInput::Str(GET, 'sort') ?? '');
$pages = 0;
$totalArtworkCount = 0;
$pageDescription = '';

2
www/artworks/new.php
View file

@ -3,7 +3,7 @@ use function Safe\session_unset;
session_start();
$created = HttpInput::Bool(HttpVariableSource::Session, 'artwork-created') ?? false;
$created = HttpInput::Bool(SESSION, 'artwork-created') ?? false;
$exception = $_SESSION['exception'] ?? null;
/** @var Artwork $artwork */
$artwork = $_SESSION['artwork'] ?? null;

10
www/artworks/post.php
View file

@ -53,7 +53,7 @@ try{
// PUTing an artwork
if($httpMethod == HttpMethod::Put){
$originalArtwork = Artwork::GetByUrl(HttpInput::Str(HttpVariableSource::Get, 'artist-url-name'), HttpInput::Str(HttpVariableSource::Get, 'artwork-url-name'));
$originalArtwork = Artwork::GetByUrl(HttpInput::Str(GET, 'artist-url-name'), HttpInput::Str(GET, 'artwork-url-name'));
if(!$originalArtwork->CanBeEditedBy($GLOBALS['User'])){
throw new Exceptions\InvalidPermissionsException();
@ -67,7 +67,7 @@ try{
$artwork->SubmitterUserId = $originalArtwork->SubmitterUserId;
$artwork->Status = $originalArtwork->Status; // Overwrite any value got from POST because we need permission to change the status
$newStatus = ArtworkStatus::tryFrom(HttpInput::Str(HttpVariableSource::Post, 'artwork-status') ?? '');
$newStatus = ArtworkStatus::tryFrom(HttpInput::Str(POST, 'artwork-status') ?? '');
if($newStatus !== null){
if($originalArtwork->Status != $newStatus && !$originalArtwork->CanStatusBeChangedBy($GLOBALS['User'])){
throw new Exceptions\InvalidPermissionsException();
@ -102,13 +102,13 @@ try{
// PATCHing a new artwork
if($httpMethod == HttpMethod::Patch){
$artwork = Artwork::GetByUrl(HttpInput::Str(HttpVariableSource::Get, 'artist-url-name'), HttpInput::Str(HttpVariableSource::Get, 'artwork-url-name'));
$artwork = Artwork::GetByUrl(HttpInput::Str(GET, 'artist-url-name'), HttpInput::Str(GET, 'artwork-url-name'));
$exceptionRedirectUrl = $artwork->Url;
// We can PATCH the status, the ebook www filesystem path, or both.
if(isset($_POST['artwork-status'])){
$newStatus = ArtworkStatus::tryFrom(HttpInput::Str(HttpVariableSource::Post, 'artwork-status') ?? '');
$newStatus = ArtworkStatus::tryFrom(HttpInput::Str(POST, 'artwork-status') ?? '');
if($newStatus !== null){
if($artwork->Status != $newStatus && !$artwork->CanStatusBeChangedBy($GLOBALS['User'])){
throw new Exceptions\InvalidPermissionsException();
@ -121,7 +121,7 @@ try{
}
if(isset($_POST['artwork-ebook-url'])){
$newEbookUrl = HttpInput::Str(HttpVariableSource::Post, 'artwork-ebook-url');
$newEbookUrl = HttpInput::Str(POST, 'artwork-ebook-url');
if($artwork->EbookUrl != $newEbookUrl && !$artwork->CanEbookUrlBeChangedBy($GLOBALS['User'])){
throw new Exceptions\InvalidPermissionsException();
}

2
www/bulk-downloads/collection.php
View file

@ -3,7 +3,7 @@ use function Safe\apcu_fetch;
use function Safe\preg_replace;
$canDownload = false;
$class = HttpInput::Str(HttpVariableSource::Get, 'class');
$class = HttpInput::Str(GET, 'class');
if($class === null || ($class != 'authors' && $class != 'collections' && $class != 'subjects' && $class != 'months')){
Template::Emit404();

2
www/bulk-downloads/download.php
View file

@ -1,7 +1,7 @@
<?
use function Safe\preg_match;
$path = HttpInput::Str(HttpVariableSource::Get, 'path') ?? '';
$path = HttpInput::Str(GET, 'path') ?? '';
try{
$path = '/bulk-downloads/' . $path;

4
www/bulk-downloads/get.php
View file

@ -2,9 +2,9 @@
use function Safe\apcu_fetch;
$collection = null;
$collectionUrlName = HttpInput::Str(HttpVariableSource::Get, 'collection');
$collectionUrlName = HttpInput::Str(GET, 'collection');
$collection = null;
$authorUrlName = HttpInput::Str(HttpVariableSource::Get, 'author');
$authorUrlName = HttpInput::Str(GET, 'author');
$canDownload = false;
try{

2
www/collections/get.php
View file

@ -2,7 +2,7 @@
use function Safe\preg_replace;
try{
$collection = HttpInput::Str(HttpVariableSource::Get, 'collection') ?? '';
$collection = HttpInput::Str(GET, 'collection') ?? '';
$collectionObject = null;
$collectionName = '';
$collectionType = '';

2
www/ebooks/author.php
View file

@ -4,7 +4,7 @@ $author = '';
$authorUrl = '';
try{
$urlPath = trim(str_replace('.', '', HttpInput::Str(HttpVariableSource::Get, 'url-path') ?? ''), '/'); // Contains the portion of the URL (without query string) that comes after https://standardebooks.org/ebooks/
$urlPath = trim(str_replace('.', '', HttpInput::Str(GET, 'url-path') ?? ''), '/'); // Contains the portion of the URL (without query string) that comes after https://standardebooks.org/ebooks/
$wwwFilesystemPath = EBOOKS_DIST_PATH . $urlPath; // Path to the deployed WWW files for this ebook
if($urlPath == '' || mb_stripos($wwwFilesystemPath, EBOOKS_DIST_PATH) !== 0 || !is_dir($wwwFilesystemPath)){

4
www/ebooks/download.php
View file

@ -10,8 +10,8 @@ $showThankYouPage = $GLOBALS['User'] === null && $downloadCount < 5;
$downloadUrl = null;
try{
$urlPath = HttpInput::Str(HttpVariableSource::Get, 'url-path') ?? null;
$format = EbookFormat::tryFrom(HttpInput::Str(HttpVariableSource::Get, 'format') ?? '') ?? EbookFormat::Epub;
$urlPath = HttpInput::Str(GET, 'url-path') ?? null;
$format = EbookFormat::tryFrom(HttpInput::Str(GET, 'format') ?? '') ?? EbookFormat::Epub;
$wwwFilesystemPath = EBOOKS_DIST_PATH . $urlPath;
// Do we have the ebook cached?

2
www/ebooks/ebook.php
View file

@ -14,7 +14,7 @@ $carousel = [];
$carouselTag = null;
try{
$urlPath = trim(str_replace('.', '', HttpInput::Str(HttpVariableSource::Get, 'url-path') ?? ''), '/'); // Contains the portion of the URL (without query string) that comes after https://standardebooks.org/ebooks/
$urlPath = trim(str_replace('.', '', HttpInput::Str(GET, 'url-path') ?? ''), '/'); // Contains the portion of the URL (without query string) that comes after https://standardebooks.org/ebooks/
$wwwFilesystemPath = EBOOKS_DIST_PATH . $urlPath; // Path to the deployed WWW files for this ebook
if($urlPath == '' || mb_stripos($wwwFilesystemPath, EBOOKS_DIST_PATH) !== 0){

12
www/ebooks/index.php
View file

@ -1,13 +1,13 @@
<?
use function Safe\preg_replace;
$page = HttpInput::Int(HttpVariableSource::Get, 'page') ?? 1;
$page = HttpInput::Int(GET, 'page') ?? 1;
$pages = 0;
$perPage = HttpInput::Int(HttpVariableSource::Get, 'per-page') ?? EBOOKS_PER_PAGE;
$query = HttpInput::Str(HttpVariableSource::Get, 'query') ?? '';
$tags = HttpInput::Array(HttpVariableSource::Get, 'tags') ?? [];
$view = ViewType::tryFrom(HttpInput::Str(HttpVariableSource::Get, 'view') ?? '');
$sort = EbookSort::tryFrom(HttpInput::Str(HttpVariableSource::Get, 'sort') ?? '');
$perPage = HttpInput::Int(GET, 'per-page') ?? EBOOKS_PER_PAGE;
$query = HttpInput::Str(GET, 'query') ?? '';
$tags = HttpInput::Array(GET, 'tags') ?? [];
$view = ViewType::tryFrom(HttpInput::Str(GET, 'view') ?? '');
$sort = EbookSort::tryFrom(HttpInput::Str(GET, 'sort') ?? '');
$queryString = '';
$queryStringParams = [];
$queryStringWithoutPage = '';

2
www/feeds/atom/search.php
View file

@ -4,7 +4,7 @@ use Safe\DateTimeImmutable;
$ebooks = [];
try{
$query = HttpInput::Str(HttpVariableSource::Get, 'query') ?? '';
$query = HttpInput::Str(GET, 'query') ?? '';
if($query !== ''){
$ebooks = Library::Search($query);

6
www/feeds/collection.php
View file

@ -1,11 +1,9 @@
<?
use function Safe\apcu_fetch;
use function Safe\glob;
use function Safe\preg_replace;
use function Safe\usort;
$class = HttpInput::Str(HttpVariableSource::Get, 'class') ?? '';
$type = HttpInput::Str(HttpVariableSource::Get, 'type') ?? '';
$class = HttpInput::Str(GET, 'class') ?? '';
$type = HttpInput::Str(GET, 'type') ?? '';
if($class != 'authors' && $class != 'collections' && $class != 'subjects'){
Template::Emit404();

2
www/feeds/download.php
View file

@ -5,7 +5,7 @@ use function Safe\preg_match;
// Basic authorization is handled in Core.php. By the time we get here,
// a valid user has a session.
$path = HttpInput::Str(HttpVariableSource::Get, 'path') ?? '';
$path = HttpInput::Str(GET, 'path') ?? '';
try{
$path = '/feeds/' . $path;

4
www/feeds/get.php
View file

@ -1,8 +1,8 @@
<?
use function Safe\exec;
$author = HttpInput::Str(HttpVariableSource::Get, 'author');
$collection = HttpInput::Str(HttpVariableSource::Get, 'collection');
$author = HttpInput::Str(GET, 'author');
$collection = HttpInput::Str(GET, 'collection');
$name = null;
$target = null;
$feedTypes = ['opds', 'atom', 'rss'];

2
www/feeds/opds/search.php
View file

@ -4,7 +4,7 @@ use Safe\DateTimeImmutable;
$ebooks = [];
try{
$query = HttpInput::Str(HttpVariableSource::Get, 'query') ?? '';
$query = HttpInput::Str(GET, 'query') ?? '';
if($query !== ''){
$ebooks = Library::Search($query);

2
www/feeds/rss/search.php
View file

@ -4,7 +4,7 @@ use Safe\DateTimeImmutable;
$ebooks = [];
try{
$query = HttpInput::Str(HttpVariableSource::Get, 'query') ?? '';
$query = HttpInput::Str(GET, 'query') ?? '';
if($query !== ''){
$ebooks = Library::Search($query);

2
www/manual/index.php
View file

@ -7,7 +7,7 @@ use function Safe\sort;
$currentManual = Manual::GetLatestVersion();
$url = HttpInput::Str(HttpVariableSource::Get, 'url') ?? '';
$url = HttpInput::Str(GET, 'url') ?? '';
$url = preg_replace('|^/|ius', '', $url);
$url = preg_replace('|\.php$|ius', '', $url);
$url = preg_replace('|/$|ius', '', $url);

2
www/newsletter/subscriptions/confirm.php
View file

@ -4,7 +4,7 @@ session_start();
$subscription = new NewsletterSubscription();
try{
$subscription = NewsletterSubscription::Get(HttpInput::Str(HttpVariableSource::Get, 'uuid'));
$subscription = NewsletterSubscription::Get(HttpInput::Str(GET, 'uuid'));
if(!$subscription->IsConfirmed){
$subscription->Confirm();

2
www/newsletter/subscriptions/delete.php
View file

@ -5,7 +5,7 @@ try{
$requestType = HttpInput::RequestType();
$subscription = NewsletterSubscription::Get(HttpInput::Str(HttpVariableSource::Get, 'uuid'));
$subscription = NewsletterSubscription::Get(HttpInput::Str(GET, 'uuid'));
$subscription->Delete();
if($requestType == HttpRequestType::Rest){

2
www/newsletter/subscriptions/get.php
View file

@ -13,7 +13,7 @@ try{
$created = true;
}
else{
$subscription = NewsletterSubscription::Get(HttpInput::Str(HttpVariableSource::Get, 'uuid'));
$subscription = NewsletterSubscription::Get(HttpInput::Str(GET, 'uuid'));
if(isset($_SESSION['subscription-created']) && $_SESSION['subscription-created'] == $subscription->UserId){
$created = true;

12
www/newsletter/subscriptions/post.php
View file

@ -11,7 +11,7 @@ try{
$subscription = new NewsletterSubscription();
if(HttpInput::Str(HttpVariableSource::Post, 'automationtest')){
if(HttpInput::Str(POST, 'automationtest')){
// A bot filled out this form field, which should always be empty. Pretend like we succeeded.
if($requestType == HttpRequestType::Web){
http_response_code(303);
@ -32,12 +32,12 @@ try{
$subscription->User = new User();
$subscription->User->Email = HttpInput::Str(HttpVariableSource::Post, 'email');
$subscription->IsSubscribedToNewsletter = HttpInput::Bool(HttpVariableSource::Post, 'issubscribedtonewsletter') ?? false;
$subscription->IsSubscribedToSummary = HttpInput::Bool(HttpVariableSource::Post, 'issubscribedtosummary') ?? false;
$subscription->User->Email = HttpInput::Str(POST, 'email');
$subscription->IsSubscribedToNewsletter = HttpInput::Bool(POST, 'issubscribedtonewsletter') ?? false;
$subscription->IsSubscribedToSummary = HttpInput::Bool(POST, 'issubscribedtosummary') ?? false;
$expectedCaptcha = HttpInput::Str(HttpVariableSource::Session, 'captcha') ?? '';
$receivedCaptcha = HttpInput::Str(HttpVariableSource::Post, 'captcha');
$expectedCaptcha = HttpInput::Str(SESSION, 'captcha') ?? '';
$receivedCaptcha = HttpInput::Str(POST, 'captcha');
$subscription->Create($expectedCaptcha, $receivedCaptcha);

2
www/polls/get.php
View file

@ -5,7 +5,7 @@ $poll = new Poll();
$canVote = true; // Allow non-logged-in users to see the 'vote' button
try{
$poll = Poll::GetByUrlName(HttpInput::Str(HttpVariableSource::Get, 'pollurlname'));
$poll = Poll::GetByUrlName(HttpInput::Str(GET, 'pollurlname'));
if(!$poll->IsActive() && $poll->End !== null && $poll->End < new DateTimeImmutable()){
// If the poll ended, redirect to the results

2
www/polls/votes/get.php
View file

@ -7,7 +7,7 @@ $vote = new PollVote();
$created = false;
try{
$vote = PollVote::Get(HttpInput::Str(HttpVariableSource::Get, 'pollurlname'), HttpInput::Int(HttpVariableSource::Get, 'userid'));
$vote = PollVote::Get(HttpInput::Str(GET, 'pollurlname'), HttpInput::Int(GET, 'userid'));
if(isset($_SESSION['vote-created']) && $_SESSION['vote-created'] == $vote->UserId){
$created = true;

2
www/polls/votes/index.php
View file

@ -2,7 +2,7 @@
$poll = new Poll();
try{
$poll = Poll::GetByUrlName(HttpInput::Str(HttpVariableSource::Get, 'pollurlname'));
$poll = Poll::GetByUrlName(HttpInput::Str(GET, 'pollurlname'));
}
catch(Exceptions\AppException){
Template::Emit404();

2
www/polls/votes/new.php
View file

@ -19,7 +19,7 @@ try{
$vote->User = $GLOBALS['User'];
}
$poll = Poll::GetByUrlName(HttpInput::Str(HttpVariableSource::Get, 'pollurlname'));
$poll = Poll::GetByUrlName(HttpInput::Str(GET, 'pollurlname'));
try{
$vote = PollVote::Get($poll->UrlName, $GLOBALS['User']->UserId);

6
www/polls/votes/post.php
View file

@ -10,9 +10,9 @@ try{
$vote = new PollVote();
$vote->PollItemId = HttpInput::Int(HttpVariableSource::Post, 'pollitemid');
$vote->PollItemId = HttpInput::Int(POST, 'pollitemid');
$vote->Create(HttpInput::Str(HttpVariableSource::Post, 'email'));
$vote->Create(HttpInput::Str(POST, 'email'));
session_unset();
@ -34,7 +34,7 @@ catch(Exceptions\InvalidPollVoteException $ex){
// Access via form; 303 redirect to the form, which will emit a 422 Unprocessable Entity
http_response_code(303);
header('Location: /polls/' . (HttpInput::Str(HttpVariableSource::Get, 'pollurlname') ?? '') . '/votes/new');
header('Location: /polls/' . (HttpInput::Str(GET, 'pollurlname') ?? '') . '/votes/new');
}
else{
// Access via HttpRequestType::Rest api; 422 Unprocessable Entity

4
www/sessions/new.php
View file

@ -8,8 +8,8 @@ if($GLOBALS['User'] !== null){
exit();
}
$email = HttpInput::Str(HttpVariableSource::Session, 'email');
$redirect = HttpInput::Str(HttpVariableSource::Session, 'redirect') ?? HttpInput::Str(HttpVariableSource::Get, 'redirect');
$email = HttpInput::Str(SESSION, 'email');
$redirect = HttpInput::Str(SESSION, 'redirect') ?? HttpInput::Str(GET, 'redirect');
$exception = $_SESSION['exception'] ?? null;
$passwordRequired = false;

6
www/sessions/post.php
View file

@ -9,9 +9,9 @@ try{
$requestType = HttpInput::RequestType();
$session = new Session();
$email = HttpInput::Str(HttpVariableSource::Post, 'email');
$password = HttpInput::Str(HttpVariableSource::Post, 'password');
$redirect = HttpInput::Str(HttpVariableSource::Post, 'redirect');
$email = HttpInput::Str(POST, 'email');
$password = HttpInput::Str(POST, 'password');
$redirect = HttpInput::Str(POST, 'redirect');
if($redirect === null){
$redirect = '/';

4
www/settings/post.php
View file

@ -1,8 +1,8 @@
<?
use function Safe\strtotime;
$hideDonationAlert = HttpInput::Bool(HttpVariableSource::Post, 'hide-donation-alert');
$colorScheme = HttpInput::Str(HttpVariableSource::Post, 'color-scheme');
$hideDonationAlert = HttpInput::Bool(POST, 'hide-donation-alert');
$colorScheme = HttpInput::Str(POST, 'color-scheme');
if($hideDonationAlert !== null){
setcookie('hide-donation-alert', $hideDonationAlert ? 'true' : 'false', ['expires' => strtotime('+1 month'), 'path' => '/', 'domain' => SITE_DOMAIN, 'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);