This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||
2 | |||
3 | declare(strict_types=1); |
||
4 | |||
5 | /* |
||
6 | You may not change or alter any portion of this comment or credits |
||
7 | of supporting developers from this source code or any supporting source code |
||
8 | which is considered copyrighted (c) material of the original comment or credit authors. |
||
9 | |||
10 | This program is distributed in the hope that it will be useful, |
||
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
||
13 | */ |
||
14 | |||
15 | /** |
||
16 | * wgEvents module for xoops |
||
17 | * |
||
18 | * @copyright 2021 XOOPS Project (https://xoops.org) |
||
19 | * @license GPL 2.0 or later |
||
20 | * @package wgevents |
||
21 | * @since 1.0.0 |
||
22 | * @min_xoops 2.5.11 Beta1 |
||
23 | * @author Goffy - Wedega - Email:[email protected] - Website:https://xoops.wedega.com |
||
24 | */ |
||
25 | |||
26 | use Xmf\Request; |
||
27 | use XoopsModules\Wgevents; |
||
28 | use XoopsModules\Wgevents\Constants; |
||
29 | use XoopsModules\Wgevents\Common; |
||
30 | |||
31 | require __DIR__ . '/header.php'; |
||
32 | // Get all request values |
||
33 | $op = Request::getCmd('op', 'list'); |
||
34 | $Id = Request::getInt('id'); |
||
35 | $start = Request::getInt('start'); |
||
36 | $limit = Request::getInt('limit', $helper->getConfig('adminpager')); |
||
37 | $GLOBALS['xoopsTpl']->assign('start', $start); |
||
38 | $GLOBALS['xoopsTpl']->assign('limit', $limit); |
||
39 | |||
40 | switch ($op) { |
||
41 | case 'list': |
||
42 | default: |
||
43 | // Define Stylesheet |
||
44 | $GLOBALS['xoTheme']->addStylesheet($style, null); |
||
45 | $templateMain = 'wgevents_admin_fee.tpl'; |
||
46 | $GLOBALS['xoopsTpl']->assign('navigation', $adminObject->displayNavigation('fee.php')); |
||
47 | $adminObject->addItemButton(\_AM_WGEVENTS_ADD_FEE, 'fee.php?op=new'); |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
48 | $GLOBALS['xoopsTpl']->assign('buttons', $adminObject->displayButton('left')); |
||
49 | $feeCount = $feeHandler->getCountFee(); |
||
50 | $feeAll = $feeHandler->getAllFee($start, $limit); |
||
51 | $GLOBALS['xoopsTpl']->assign('fee_count', $feeCount); |
||
52 | $GLOBALS['xoopsTpl']->assign('wgevents_url', \WGEVENTS_URL); |
||
53 | $GLOBALS['xoopsTpl']->assign('wgevents_upload_url', \WGEVENTS_UPLOAD_URL); |
||
54 | // Table view fee |
||
55 | if ($feeCount > 0) { |
||
56 | foreach (\array_keys($feeAll) as $i) { |
||
57 | $fee = $feeAll[$i]->getValuesFee(); |
||
58 | $GLOBALS['xoopsTpl']->append('fee_list', $fee); |
||
59 | unset($fee); |
||
60 | } |
||
61 | // Display Navigation |
||
62 | if ($feeCount > $limit) { |
||
63 | require_once \XOOPS_ROOT_PATH . '/class/pagenav.php'; |
||
64 | $pagenav = new \XoopsPageNav($feeCount, $limit, $start, 'start', 'op=list&limit=' . $limit); |
||
65 | $GLOBALS['xoopsTpl']->assign('pagenav', $pagenav->renderNav()); |
||
66 | } |
||
67 | } else { |
||
68 | $GLOBALS['xoopsTpl']->assign('error', \_AM_WGEVENTS_THEREARENT_FEE); |
||
0 ignored issues
–
show
|
|||
69 | } |
||
70 | break; |
||
71 | case 'new': |
||
72 | $templateMain = 'wgevents_admin_fee.tpl'; |
||
73 | $GLOBALS['xoopsTpl']->assign('navigation', $adminObject->displayNavigation('fee.php')); |
||
74 | $adminObject->addItemButton(\_AM_WGEVENTS_LIST_FEE, 'fee.php', 'list'); |
||
0 ignored issues
–
show
|
|||
75 | $GLOBALS['xoopsTpl']->assign('buttons', $adminObject->displayButton('left')); |
||
76 | // Form Create |
||
77 | $feeObj = $feeHandler->create(); |
||
78 | $form = $feeObj->getFormFee(); |
||
79 | $GLOBALS['xoopsTpl']->assign('form', $form->render()); |
||
80 | break; |
||
81 | case 'clone': |
||
82 | $templateMain = 'wgevents_admin_fee.tpl'; |
||
83 | $GLOBALS['xoopsTpl']->assign('navigation', $adminObject->displayNavigation('fee.php')); |
||
84 | $adminObject->addItemButton(\_AM_WGEVENTS_LIST_FEE, 'fee.php', 'list'); |
||
85 | $adminObject->addItemButton(\_AM_WGEVENTS_ADD_FEE, 'fee.php?op=new'); |
||
86 | $GLOBALS['xoopsTpl']->assign('buttons', $adminObject->displayButton('left')); |
||
87 | // Request source |
||
88 | $IdSource = Request::getInt('id_source'); |
||
89 | // Get Form |
||
90 | $feeObjSource = $feeHandler->get($IdSource); |
||
91 | $feeObj = $feeObjSource->xoopsClone(); |
||
92 | $form = $feeObj->getFormFee(); |
||
93 | $GLOBALS['xoopsTpl']->assign('form', $form->render()); |
||
94 | break; |
||
95 | case 'save': |
||
96 | // Security Check |
||
97 | if (!$GLOBALS['xoopsSecurity']->check()) { |
||
98 | \redirect_header('fee.php', 3, \implode(',', $GLOBALS['xoopsSecurity']->getErrors())); |
||
99 | } |
||
100 | if ($Id > 0) { |
||
101 | $feeObj = $feeHandler->get($Id); |
||
102 | } else { |
||
103 | $feeObj = $feeHandler->create(); |
||
104 | } |
||
105 | // Set Vars |
||
106 | $feeObj->setVar('evid', Request::getInt('evid')); |
||
107 | $feeObj->setVar('amount', Request::getFloat('amount')); |
||
108 | $feeObj->setVar('desc', Request::getString('desc')); |
||
109 | $feeDatecreatedObj = \DateTime::createFromFormat(\_SHORTDATESTRING, Request::getString('datecreated')); |
||
110 | $feeObj->setVar('datecreated', $feeDatecreatedObj->getTimestamp()); |
||
111 | // Insert Data |
||
112 | if ($feeHandler->insert($feeObj)) { |
||
113 | \redirect_header('fee.php?op=list&start=' . $start . '&limit=' . $limit, 2, \_AM_WGEVENTS_FORM_OK); |
||
0 ignored issues
–
show
|
|||
114 | } |
||
115 | // Get Form |
||
116 | $GLOBALS['xoopsTpl']->assign('error', $feeObj->getHtmlErrors()); |
||
117 | $form = $feeObj->getFormFee(); |
||
118 | $GLOBALS['xoopsTpl']->assign('form', $form->render()); |
||
119 | break; |
||
120 | case 'edit': |
||
121 | $templateMain = 'wgevents_admin_fee.tpl'; |
||
122 | $GLOBALS['xoopsTpl']->assign('navigation', $adminObject->displayNavigation('fee.php')); |
||
123 | $adminObject->addItemButton(\_AM_WGEVENTS_ADD_FEE, 'fee.php?op=new'); |
||
124 | $adminObject->addItemButton(\_AM_WGEVENTS_LIST_FEE, 'fee.php', 'list'); |
||
125 | $GLOBALS['xoopsTpl']->assign('buttons', $adminObject->displayButton('left')); |
||
126 | // Get Form |
||
127 | $feeObj = $feeHandler->get($Id); |
||
128 | $feeObj->start = $start; |
||
129 | $feeObj->limit = $limit; |
||
130 | $form = $feeObj->getFormFee(); |
||
131 | $GLOBALS['xoopsTpl']->assign('form', $form->render()); |
||
132 | break; |
||
133 | case 'delete': |
||
134 | $templateMain = 'wgevents_admin_fee.tpl'; |
||
135 | $GLOBALS['xoopsTpl']->assign('navigation', $adminObject->displayNavigation('fee.php')); |
||
136 | $feeObj = $feeHandler->get($Id); |
||
137 | $Evid = $feeObj->getVar('evid'); |
||
138 | if (isset($_REQUEST['ok']) && 1 === (int)$_REQUEST['ok']) { |
||
139 | if (!$GLOBALS['xoopsSecurity']->check()) { |
||
140 | \redirect_header('fee.php', 3, \implode(', ', $GLOBALS['xoopsSecurity']->getErrors())); |
||
141 | } |
||
142 | if ($feeHandler->delete($feeObj)) { |
||
143 | \redirect_header('fee.php', 3, \_AM_WGEVENTS_FORM_DELETE_OK); |
||
0 ignored issues
–
show
|
|||
144 | } else { |
||
145 | $GLOBALS['xoopsTpl']->assign('error', $feeObj->getHtmlErrors()); |
||
146 | } |
||
147 | } else { |
||
148 | $customConfirm = new Common\Confirm( |
||
149 | ['ok' => 1, 'id' => $Id, 'start' => $start, 'limit' => $limit, 'op' => 'delete'], |
||
150 | $_SERVER['REQUEST_URI'], |
||
151 | \sprintf(\_AM_WGEVENTS_FORM_SURE_DELETE, $feeObj->getVar('evid'))); |
||
0 ignored issues
–
show
|
|||
152 | $form = $customConfirm->getFormConfirm(); |
||
153 | $GLOBALS['xoopsTpl']->assign('form', $form->render()); |
||
154 | } |
||
155 | break; |
||
156 | } |
||
157 | require __DIR__ . '/footer.php'; |
||
158 |