fixed from error

Torsten Schulz
2023-12-28 17:07:46 +01:00
parent 82a68012ae
commit 67aa86b15b
2 changed files with 5 additions and 5 deletions


@@ -107,7 +107,7 @@ class Renderer {
}
public function render(): void {
if (trim(filter_input(INPUT_POST, 'action', FILTER_SANITIZE_STRING)) !== '') {
if (trim(filter_input(INPUT_POST, 'action', FILTER_SANITIZE_FULL_SPECIAL_CHARS)) !== '') {
$this->formAction();
}
$this->website = file_get_contents('templates/page.html');
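Review bot: The new condition in render() passes the result of `filter_input()` straight to `trim()`, but `filter_input()` returns null when `action` is not in the POST body and false when the filter fails, and passing null to `trim()` is deprecated since PHP 8.1 (a TypeError if this file runs under strict_types, which the hunk does not show). An HTML-encoding filter is also not needed just to test for presence; `if (trim((string) filter_input(INPUT_POST, 'action')) !== '') {` does the check without either problem. The same unguarded `trim($value)` follows the changed `filter_input()` line in formCheckFields, where the value is additionally entity-encoded before it is validated rather than when it is printed. render() continues outside the hunk.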
@@ -177,7 +177,7 @@ class Renderer {
}
protected function showInputField(array $errors, string $inputType, string $fieldName, int $fieldLength): void {
echo '<input type="' . $inputType . '" name="' . $fieldName . '" size="' . $fieldLength . '" value="' . filter_input(INPUT_POST, $fieldName, FILTER_SANITIZE_STRING) . '" />';
echo '<input type="' . $inputType . '" name="' . $fieldName . '" size="' . $fieldLength . '" value="' . filter_input(INPUT_POST, $fieldName, FILTER_SANITIZE_FULL_SPECIAL_CHARS) . '" />';
if (isset($errors[$fieldName])) {
echo '<span class="error">' . $errors[$fieldName] . '</span>';
}
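Review bot: In showInputField only the posted value is encoded, by the new filter, while `$inputType` and `$fieldName` on the same echo and `$errors[$fieldName]` two lines below are still concatenated into the markup as they are. The hunk does not show where those come from, so if any of them can ever carry request-derived text they need the same treatment. Encoding at the point of output, for example `htmlspecialchars($fieldName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, keeps the guarantee next to the echo instead of depending on which input filter was chosen elsewhere. The method body continues outside the hunk.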
@@ -300,7 +300,7 @@ class Renderer {
} elseif ($this->cleanFields) {
return '';
}
$value = filter_input(INPUT_POST, $this->formFields[$index]['name'], FILTER_SANITIZE_STRING) ?: '';
$value = filter_input(INPUT_POST, $this->formFields[$index]['name'], FILTER_SANITIZE_FULL_SPECIAL_CHARS) ?: '';
if (trim($value) === '' && isset($this->predefines[$this->formFields[$index]['name']])) {
$value = $this->predefines[$this->formFields[$index]['name']];
}
@@ -314,7 +314,7 @@ class Renderer {
protected function formCheckFields(): bool {
foreach ($this->formFields as $field) {
$value = filter_input(INPUT_POST, $field['name'], isset($field['filter']) ? $field['filter'] : FILTER_SANITIZE_STRING);
$value = filter_input(INPUT_POST, $field['name'], isset($field['filter']) ? $field['filter'] : FILTER_SANITIZE_FULL_SPECIAL_CHARS);
if (isset($field['optional']) && ($field['optional'] == false) && trim($value) === '' && $field['type'] !== 'file') {
$this->errors[$field['name']] = 'Das Feld darf nicht leer sein';
continue;