On Tue, 01 Jul 2014 at 18:37:46, Florian Pritz wrote:
> [...]
> I understand this is copied from pkg_search_page() in
> web/lib/pkgfuncs.inc.php, but now would be a good time to clean it up
> (in both places). Especially the usage of $_GET rather than a local
> variable should go away.
>
> Introduce something like input_get($field_name, $default = false); which
> would check if the value is set and if it is return it, otherwise return
> the default.
>
I prepared several patches to improve GET parameter handling and
permission handling but I am not going to merge them before the 3.2.0
release.
> > + $_GET['O'] = intval($_GET['O']);
> > + if ($_GET['O'] < 0)
> > + $_GET['O'] = 0;
>
> $value = max(intval($value), 0);
>
> > + } else {
> > + $_GET['O'] = 0;
> > + }
> > +
> > +
> > + if (isset($_GET["PP"])) {
> > + $_GET["PP"] = intval($_GET["PP"]);
> > + if ($_GET["PP"] < 50)
> > + $_GET["PP"] = 50;
> > + else if ($_GET["PP"] > 250)
> > + $_GET["PP"] = 250;
>
> # Source: http://at2.php.net/manual/en/function.min.php#81302
> function bound($x, $min, $max)
> {
> return min(max($x, $min), $max);
> }
> [...]
Thanks, I will send a patch to simplify these two checks (the patch
series has already been merged into master, so it is too late to amend).
