[pLog-svn] r6477 - plog/branches/lifetype-1.2/class/action

jondaley at devel.lifetype.net jondaley at devel.lifetype.net
Sat May 24 15:17:39 EDT 2008


Author: jondaley
Date: 2008-05-24 15:17:39 -0400 (Sat, 24 May 2008)
New Revision: 6477

Modified:
   plog/branches/lifetype-1.2/class/action/resourceserveraction.class.php
Log:
Added validation for blogDomain.  Removed bad parameter in RedirectView.  Validate usernames with the username validator.  Deny HTML in all names.

Modified: plog/branches/lifetype-1.2/class/action/resourceserveraction.class.php
===================================================================
--- plog/branches/lifetype-1.2/class/action/resourceserveraction.class.php	2008-05-24 19:16:46 UTC (rev 6476)
+++ plog/branches/lifetype-1.2/class/action/resourceserveraction.class.php	2008-05-24 19:17:39 UTC (rev 6477)
@@ -12,6 +12,7 @@
     lt_include( PLOG_CLASS_PATH."class/dao/blogs.class.php" );
     lt_include( PLOG_CLASS_PATH."class/gallery/dao/galleryresources.class.php" );	
 	lt_include( PLOG_CLASS_PATH."class/data/validator/stringvalidator.class.php" );
+	lt_include( PLOG_CLASS_PATH."class/data/validator/usernamevalidator.class.php" );
 	lt_include( PLOG_CLASS_PATH."class/data/validator/integervalidator.class.php" );	
 
     /**
@@ -30,21 +31,22 @@
 		function ResourceServerAction( $actionInfo, $request )
 		{
 			$this->Action( $actionInfo, $request );
-			
+
 			// keep the session for later use
             $session = HttpVars::getSession();
         	$this->_session = $session['SessionInfo'];			
 			
 			$this->_config =& Config::getConfig();
 			
-			$this->registerFieldValidator( "resource", new StringValidator(), true );
+			$this->registerFieldValidator( "resource", new StringValidator( false ), true );
 			$this->registerFieldValidator( "resId", new IntegerValidator(), true );
 			$this->registerFieldValidator( "albumId", new IntegerValidator(), true );
-			$this->registerFieldValidator( "albumName", new StringValidator(), true );
+			$this->registerFieldValidator( "albumName", new StringValidator( false ), true );
 			$this->registerFieldValidator( "blogId", new IntegerValidator(), true );
-			$this->registerFieldValidator( "blogName", new StringValidator(), true );
+			$this->registerFieldValidator( "blogDomain", new StringValidator( false ), true );
+			$this->registerFieldValidator( "blogName", new StringValidator( false ), true );
 			$this->registerFieldValidator( "userId", new IntegerValidator(), true );
-			$this->registerFieldValidator( "blogUserName", new StringValidator(), true );			
+			$this->registerFieldValidator( "blogUserName", new UsernameValidator(), true );
 			
 			// since this class does not return HTML code but files, we cannot
 			// return HTML so let's return 404 status code with a custom error message
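Review bot: The bare `false` passed to `StringValidator` for `resource`, `albumName`, `blogDomain` and `blogName` does not say what it switches off; going by the commit log it presumably rejects HTML, so a comment above the group such as `// StringValidator( false ): values containing HTML are rejected` would make that visible. `blogDomain` is also only checked as a generic string, while a host name has a much narrower alphabet (letters, digits, hyphen, dot), so a stricter check for that field would be worth adding if the value is later used in a lookup or a URL. How these fields are consumed is not visible here, since the constructor body continues past the end of the hunk.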
@@ -196,7 +198,7 @@
 				$this->_view = new View();
 				$this->_view->addHeaderResponse( "HTTP/1.1 404 Not Found" );
 				$this->_view->addHeaderResponse( "Status: 404 Not Found" );
-				$this->_view->addHeaderResponse( "X-LifeType-Error: Resource $this->_resId not found" );		
+				$this->_view->addHeaderResponse( "X-LifeType-Error: Resource $this->_resId not found" );
 				
 				return false;
 			}
@@ -215,7 +217,7 @@
 			}
 			
 			// generate the correct view with the resource data...			
-			$this->_view = new RedirectView( $redirectUrl, $this->_mode );
+			$this->_view = new RedirectView( $redirectUrl );
 			
 			return true;
 		}


