Coding standards
Security in ResourceSpace
Developer reference
Database
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
Comment functions
Config functions
CSV export functions
Dash functions
Debug functions
Encryption functions
Facial recognition functions
File functions
General functions
Language functions
Log functions
Login functions
Message functions
Migration functions
Node functions
PDF functions
Plugin functions
Render functions
Reporting functions
Request functions
Research functions
Slideshow functions
Theme permission functions
User functions
Video functions
Database functions
Metadata functions
Resource functions
Search functions
Map functions
Job functions
Tab functions
Test functions

validate_build_url()

Description

Sanitise the url provided when saving a dash tile. This function will take the value obtained by the form and pass it through if valid.
If the url supplied is invalid, a blank value will be returned allowing the default standard tile type to be used.

Parameters

ColumnTypeDefaultDescription
$buildurl string url supplied when dash tile is edited, containing a number of optional parameters.

Return

string A valid url or empty string if invalid.

Location

include/dash_functions.php lines 1992 to 2052

Definition

 
function validate_build_url($buildurl)
    {
    global $tile_styles;
    if ($buildurl != "")
        {
        # Sanitise the url provided.
        $build_url_parts explode('?',$buildurl);
        $valid_tile_urls = array();
        $valid_tile_urls[] = 'pages/ajax/dash_tile.php';
        $valid_tile_urls[] = 'pages/team/ajax/graph.php';
        if (!in_array($build_url_parts[0],$valid_tile_urls))
            {
            // Url is invalid
            $buildurl "";
            }
        else
            {
            parse_str(($build_url_parts[1]??""), $build_url_parts_param);
            foreach ($build_url_parts_param as $param => $value)
                {
                switch ($param)
                    {
                    case 'tltype':
                        # type checks
                        if (!array_key_exists($value,$tile_styles))
                            {
                            $buildurl "";
                            }
                        break;
                    case 'tlsize':
                        # size checks
                        if (!in_array($value,array('single','double','')))
                            {
                            $buildurl "";
                            }
                        break;
                    case 'tlstyle':
                        # style checks
                        $all_tile_styles = array();
                        foreach ($tile_styles as $tile_type_style)
                            {
                            $all_tile_styles array_merge($all_tile_styles$tile_type_style);
                            }
                        if (!in_array($value,$all_tile_styles))
                            {
                            $buildurl "";
                            }
                        break;
                    case 'promimg':
                        # img checks
                        if (!is_int_loose($value) && !is_bool($build_url_parts_param[1]))
                            {
                            $buildurl "";
                            }
                        break;
                    }
                }
            }
        }
    return $buildurl;
    }

This article was last updated 17th November 2024 15:35 Europe/London time based on the source file dated 13th November 2024 15:50 Europe/London time.