diff options
| author |   Brian Evans <grknight@gentoo.org> | 2018-01-29 16:07:33 -0500 |
|---|---|---|
| committer | Brian Evans <grknight@gentoo.org> | 2018-01-29 16:07:33 -0500 |
| commit | b167721d5746c0d1791febbb213da0a0aed21aa2 (patch) | |
| tree | e1c1c0af4b8d937f22b533b6edf0d1eeaf0083e4 /php/admin/mirror-list.php | |
| parent | Import existing bouncer.g.o into git (diff) | |
| download | bouncer-b167721d5746c0d1791febbb213da0a0aed21aa2.tar.gz bouncer-b167721d5746c0d1791febbb213da0a0aed21aa2.tar.bz2 bouncer-b167721d5746c0d1791febbb213da0a0aed21aa2.zip | |
Modernize the database and mirror libraries
Diffstat (limited to 'php/admin/mirror-list.php')
| -rw-r--r-- | php/admin/mirror-list.php | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/php/admin/mirror-list.php b/php/admin/mirror-list.php index c161efd..e0876d4 100644 --- a/php/admin/mirror-list.php +++ b/php/admin/mirror-list.php @@ -9,20 +9,20 @@ require_once('../cfg/init.php'); if (!empty($_GET['os'])&&!empty($_GET['product'])) { // clean in os and product strings - $os_name = mysql_real_escape_string(trim(strtolower($_GET['os']))); - $product_name = mysql_real_escape_string(trim(strtolower($_GET['product']))); + $os_name = trim(strtolower(filter_input(INPUT_GET,'os'))); + $product_name = trim(strtolower(filter_input(INPUT_GET,'product'))); // get os and product IDs - $os_id = db_name_to_id('mirror_os','os_id','os_name',$os_name); - $product_id = db_name_to_id('mirror_products','product_id','product_name',$product_name); + $os_id = DB::name_to_id('mirror_os','os_id','os_name',$os_name); + $product_id = DB::name_to_id('mirror_products','product_id','product_name',$product_name); } if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) { - $os_id = intval($_GET['os_id']); - $product_id = intval($_GET['product_id']); + $os_id = intval(filter_input(INPUT_GET,'os_id',FILTER_SANITIZE_NUMBER_INT)); + $product_id = intval(filter_input(INPUT_GET,'product_id',FILTER_SANITIZE_NUMBER_INT)); - $mirrors = db_get(" + $mirrors = DB::get(" SELECT DISTINCT mirror_baseurl FROM @@ -36,11 +36,11 @@ if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) { ON mirror_location_mirror_map.location_id = mirror_locations.location_id WHERE - mirror_locations.os_id = {$os_id} AND - mirror_locations.product_id = {$product_id} AND + mirror_locations.os_id = ? AND + mirror_locations.product_id = ? AND mirror_location_mirror_map.location_active = '1' AND mirror_mirrors.mirror_active = '1' - "); + ", PDO::FETCH_ASSOC, [$os_id, $product_id]); header("Content-type: text/plain;"); foreach ($mirrors as $mirror) { @@ -58,17 +58,16 @@ if (!empty($_GET['os_id'])&&!empty($_GET['product_id'])) { form_start('list','list','get','./mirror-list.php'); echo '<div>'; form_label('Product', 'product','label-small'); - form_select('product_id','product','',mirror_get_products_select(),$posts['product_id']); + form_select('product_id','product','',Mirror::get_products_select(),$posts['product_id']); echo ' [<a href="./products.php">edit products</a>]'; echo '</div><br />'; echo '<div>'; form_label('OS', 'os','label-small'); - form_select('os_id','os','',mirror_get_oss_select(),$posts['os_id']); + form_select('os_id','os','',Mirror::get_oss_select(),$posts['os_id']); echo ' [<a href="./os.php">edit operating systems</a>]'; echo '</div><br />'; form_submit('submit','','button1','Update'); form_end(); require_once(FOOTER); } -?> |