[pLog-svn] r6477 - plog/branches/lifetype-1.2/class/action
jondaley at devel.lifetype.net
jondaley at devel.lifetype.net
Sat May 24 15:17:39 EDT 2008
Author: jondaley
Date: 2008-05-24 15:17:39 -0400 (Sat, 24 May 2008)
New Revision: 6477
Modified:
plog/branches/lifetype-1.2/class/action/resourceserveraction.class.php
Log:
added validation for blogDomain. removed bad parameter in RedirectView. Validate usernames with the username validator. deny html in all names
Modified: plog/branches/lifetype-1.2/class/action/resourceserveraction.class.php
===================================================================
--- plog/branches/lifetype-1.2/class/action/resourceserveraction.class.php 2008-05-24 19:16:46 UTC (rev 6476)
+++ plog/branches/lifetype-1.2/class/action/resourceserveraction.class.php 2008-05-24 19:17:39 UTC (rev 6477)
@@ -12,6 +12,7 @@
lt_include( PLOG_CLASS_PATH."class/dao/blogs.class.php" );
lt_include( PLOG_CLASS_PATH."class/gallery/dao/galleryresources.class.php" );
lt_include( PLOG_CLASS_PATH."class/data/validator/stringvalidator.class.php" );
+ lt_include( PLOG_CLASS_PATH."class/data/validator/usernamevalidator.class.php" );
lt_include( PLOG_CLASS_PATH."class/data/validator/integervalidator.class.php" );
/**
@@ -30,21 +31,22 @@
function ResourceServerAction( $actionInfo, $request )
{
$this->Action( $actionInfo, $request );
-
+
// keep the session for later use
$session = HttpVars::getSession();
$this->_session = $session['SessionInfo'];
$this->_config =& Config::getConfig();
- $this->registerFieldValidator( "resource", new StringValidator(), true );
+ $this->registerFieldValidator( "resource", new StringValidator( false ), true );
$this->registerFieldValidator( "resId", new IntegerValidator(), true );
$this->registerFieldValidator( "albumId", new IntegerValidator(), true );
- $this->registerFieldValidator( "albumName", new StringValidator(), true );
+ $this->registerFieldValidator( "albumName", new StringValidator( false ), true );
$this->registerFieldValidator( "blogId", new IntegerValidator(), true );
- $this->registerFieldValidator( "blogName", new StringValidator(), true );
+ $this->registerFieldValidator( "blogDomain", new StringValidator( false ), true );
+ $this->registerFieldValidator( "blogName", new StringValidator( false ), true );
$this->registerFieldValidator( "userId", new IntegerValidator(), true );
- $this->registerFieldValidator( "blogUserName", new StringValidator(), true );
+ $this->registerFieldValidator( "blogUserName", new UsernameValidator(), true );
// since this class does not return HTML code but files, we cannot
// return HTML so let's return 404 status code with a custom error message
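Review bot: `blogDomain` is registered with `new StringValidator( false )`, which going by the commit log only rejects HTML; a domain has a much narrower grammar than a free-form name, so a hostname-shaped check (letters, digits, hyphens and dots, with a length bound) would fit this field better, in the same way `blogUserName` now gets `UsernameValidator`. How `blogDomain` is consumed lies outside the hunk, so the impact is unconfirmed, but a tighter check is cheap if the value is used to look up a blog or build a URL. The bare `false` is also opaque at the call site; a comment such as `// false: do not accept HTML in the value` above the first `StringValidator( false )` would help, assuming that is what the argument means. The constructor continues beyond the hunk.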
@@ -196,7 +198,7 @@
$this->_view = new View();
$this->_view->addHeaderResponse( "HTTP/1.1 404 Not Found" );
$this->_view->addHeaderResponse( "Status: 404 Not Found" );
- $this->_view->addHeaderResponse( "X-LifeType-Error: Resource $this->_resId not found" );
+ $this->_view->addHeaderResponse( "X-LifeType-Error: Resource $this->_resId not found" );
return false;
}
@@ -215,7 +217,7 @@
}
// generate the correct view with the resource data...
- $this->_view = new RedirectView( $redirectUrl, $this->_mode );
+ $this->_view = new RedirectView( $redirectUrl );
return true;
}
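Review bot: With `$this->_mode` dropped from the `RedirectView` call, nothing in this hunk shows the requested mode still influencing the redirect, so it should be confirmed that `$redirectUrl` (built above the hunk) already reflects it. A one-line comment such as `// RedirectView takes only the target URL; the mode is already part of $redirectUrl` would record the intent, if that is the case. It is also worth confirming that `$redirectUrl` is derived from the stored resource record rather than directly from request fields, since it becomes the redirect target. The enclosing method starts outside the hunk.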