goodspeed/Cloudlog
1
0
派生 0
代码 工单 合并请求 项目 版本发布 软件包 百科 动态 Actions

Fixed sec-issues at stations (edit / delete / empty / copy)

浏览代码
这个提交包含在:
int2001 2023-07-30 09:05:51 +00:00
父节点 37281f8fe6
当前提交 bcf3aecd1a
找不到此签名对应的密钥
GPG 密钥 ID: DFB1C13CD2DB037B
共有 1 个文件被更改,包括 47 次插入39 次删除
显示统计信息 下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

28
application/controllers/Station.php
查看文件

@ -31,8 +31,7 @@ class Station extends CI_Controller {
$this->load->view('interface_assets/footer'); $this->load->view('interface_assets/footer');
} }
public function create() public function create() {
{
$this->load->model('stations'); $this->load->model('stations');
$this->load->model('dxcc'); $this->load->model('dxcc');
$data['dxcc_list'] = $this->dxcc->list(); $data['dxcc_list'] = $this->dxcc->list();
@ -59,8 +58,9 @@ class Station extends CI_Controller {
} }
} }
public function edit($id) public function edit($id) {
{ $this->load->model('stations');
if ($this->stations->check_station_is_accessible($id)) {
$data = $this->load_station_for_editing($id); $data = $this->load_station_for_editing($id);
$data['page_title'] = "Edit Station Location: {$data['my_station_profile']->station_profile_name}"; $data['page_title'] = "Edit Station Location: {$data['my_station_profile']->station_profile_name}";
@ -73,12 +73,16 @@ class Station extends CI_Controller {
$data['notice'] = "Station Profile " . $this->security->xss_clean($this->input->post('station_profile_name', true)) . " Updated"; $data['notice'] = "Station Profile " . $this->security->xss_clean($this->input->post('station_profile_name', true)) . " Updated";
redirect('station');
}
} else {
redirect('station'); redirect('station');
} }
} }
public function copy($id) public function copy($id) {
{ $this->load->model('stations');
if ($this->stations->check_station_is_accessible($id)) {
$data = $this->load_station_for_editing($id); $data = $this->load_station_for_editing($id);
$data['page_title'] = "Duplicate Station Location: {$data['my_station_profile']->station_profile_name}"; $data['page_title'] = "Duplicate Station Location: {$data['my_station_profile']->station_profile_name}";
@ -97,12 +101,14 @@ class Station extends CI_Controller {
{ {
$this->stations->add(); $this->stations->add();
redirect('station');
}
} else {
redirect('station'); redirect('station');
} }
} }
function load_station_for_editing($id): array function load_station_for_editing($id): array {
{
$this->load->library('form_validation'); $this->load->library('form_validation');
$this->load->model('stations'); $this->load->model('stations');
@ -159,15 +165,17 @@ class Station extends CI_Controller {
public function delete($id) { public function delete($id) {
$this->load->model('stations'); $this->load->model('stations');
if ($this->stations->check_station_is_accessible($id)) {
$this->stations->delete($id); $this->stations->delete($id);
}
redirect('station'); redirect('station');
} }
public function deletelog($id) { public function deletelog($id) {
$this->load->model('stations'); $this->load->model('stations');
if ($this->stations->check_station_is_accessible($id)) {
$this->stations->deletelog($id); $this->stations->deletelog($id);
}
redirect('station'); redirect('station');
} }