Project

General

Profile

« Previous | Next » 

Revision 5bef2407

Added by Jim Pingle about 9 years ago

Add input validation to system_groupmanager.php to prevent invalid members from being submitted. Ticket #6475

View differences:

src/usr/local/www/system_groupmanager.php
188 188 
		}
189 189 
	}
190 190 

  		




  191
  
  
    

  		




  192
  191
  
    
	if (strlen($_POST['groupname']) > 16) {


  		




  193
  192
  
    
		$input_errors[] = gettext("The group name is longer than 16 characters.");


  		




  194
  193
  
    
	}


  		




  195
  194
  
    

  		




  
  195
  
    
	/* Check the POSTed members to ensure they are valid and exist */


  		




  
  196
  
    
	foreach ($_POST['members'] as $newmember) {


  		




  
  197
  
    
		if (!is_numeric($newmember) || empty(getUserEntryByUID($newmember))) {


  		




  
  198
  
    
			$input_errors[] = gettext("One or more invalid group members was submitted.");


  		




  
  199
  
    
		}


  		




  
  200
  
    
	}


  		




  
  201
  
    

  		




  196
  202
  
    
	if (!$input_errors && !(isset($id) && $a_group[$id])) {


  		




  197
  203
  
    
		/* make sure there are no dupes */


  		




  198
  204
  
    
		foreach ($a_group as $group) {


  		












Also available in:  Unified diff