|
|
@ -8,9 +8,9 @@ define('DATA_FILE', __DIR__ . DIRECTORY_SEPARATOR . 'data.php'); |
|
|
|
if (file_exists(CONFIG_FILE)) require_once CONFIG_FILE; |
|
|
|
if (!isset($config)) $config = []; |
|
|
|
|
|
|
|
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null; |
|
|
|
$action = (isset($_REQUEST['action']) and preg_match('/^[a-z]{1,16}$/i', $_REQUEST['action'])) ? $_REQUEST['action'] : null; |
|
|
|
|
|
|
|
$hasSupplier = isset($_REQUEST['supplier']) and !empty($_REQUEST['supplier']); |
|
|
|
$hasSupplier = isset($_REQUEST['supplier']) and !empty($_REQUEST['supplier']) and preg_match('/^[A-Za-z]\w{0,31}$/', $_REQUEST['supplier']); |
|
|
|
$supplier = $_REQUEST['supplier']; |
|
|
|
|
|
|
|
if ($hasSupplier) { |
|
|
@ -52,7 +52,7 @@ if ($hasSupplier) { |
|
|
|
|
|
|
|
foreach (array_keys($config[$supplier]) as $key) |
|
|
|
if (isset($_REQUEST[$key])) |
|
|
|
$config[$supplier][$key] = $_REQUEST[$key]; |
|
|
|
$config[$supplier][$key] = (!in_array($key, ['title', 'description']) ? filter_var($_REQUEST[$key], FILTER_SANITIZE_STRING) : $_REQUEST[$key]); |
|
|
|
} |
|
|
|
|
|
|
|
if (empty($config[$supplier]['start'])) |
|
|
@ -93,7 +93,15 @@ if ($action === 'config') { |
|
|
|
$isConfig = true; |
|
|
|
} |
|
|
|
|
|
|
|
$hasEvent = isset($_REQUEST['event']); |
|
|
|
try { |
|
|
|
$hasEvent = ( |
|
|
|
isset($_REQUEST['event']) |
|
|
|
and preg_match('/^\d{4}\-[01]\d\-[0123]\d$/', $_REQUEST['event']) |
|
|
|
and ((new \DateTimeImmutable($_REQUEST['event'])) instanceof \DateTimeImmutable) |
|
|
|
); |
|
|
|
} catch (\Exception $exception) { |
|
|
|
$hasEvent = false; |
|
|
|
} |
|
|
|
if (!$isConfig and $hasSupplier) { |
|
|
|
$start = new \DateTime($config[$supplier]['start']); |
|
|
|
if (!$hasEvent) { |
|
|
@ -133,7 +141,7 @@ if (!$isConfig and $hasSupplier) { |
|
|
|
fwrite($output, '<?php' . PHP_EOL); |
|
|
|
$item = []; |
|
|
|
foreach (['name', 'choice', 'action'] as $field) |
|
|
|
$item[$field] = $_REQUEST[$field]; |
|
|
|
$item[$field] = filter_var($_REQUEST[$field], FILTER_SANITIZE_STRING); |
|
|
|
$item['timestamp'] = time(); |
|
|
|
$item['hash'] = md5(implode([ $item['name'], $item['choice'], ])); |
|
|
|
fprintf( |
|
|
|