improvement: added intval() in some places and make the code shorter

chilek · Dec 12, 2023 · b8e5627 · b8e5627
1 parent 2e84ccd
commit b8e5627
Showing 1 changed file with 12 additions and 10 deletions.
diff --git a/modules/eventedit.php b/modules/eventedit.php
@@ -34,8 +34,12 @@
     ConfigHelper::getConfig('phpui.allow_modify_closed_events_newer_than', 604800)
 );
 
-if (isset($_GET['id'])) {
-    $event = $LMS->GetEvent($_GET['id']);
+$action = isset($_GET['action']) ? $_GET['action'] : null;
+$id = !empty($_GET['id']) ? intval($_GET['id']) : null;
+$ticketid = !empty($_GET['ticketid']) ? intval($_GET['ticketid']) : null;
+
+if (!empty($id)) {
+    $event = $LMS->GetEvent($id);
     if (empty($event)) {
         $SESSION->redirect('?m=eventlist');
     }
@@ -58,11 +62,10 @@
 $backid = $SESSION->get('backid');
 $backurl = '?' . $backto . (empty($backid) ? '' : '#' . $backid);
 
-$action = isset($_GET['action']) ? $_GET['action'] : null;
 switch ($action) {
     case 'open':
         if (empty($event['closeddate']) || ($event['closed'] == 1 && $aee && (time() - $event['closeddate'] < $aee)) || ConfigHelper::checkPrivilege('superuser')) {
-            $LMS->EventOpen($_GET['id']);
+            $LMS->EventOpen($id);
             $SESSION->remove_history_entry();
             $SESSION->redirect($backurl);
         } else {
@@ -71,17 +74,16 @@
         break;
     case 'close':
         $SESSION->remove_history_entry();
-        if (isset($_GET['ticketid'])) {
-            $params = array('ticketid' => $_GET['ticketid']);
+        if (isset($ticketid)) {
+            $LMS->EventClose(array('ticketid' => $ticketid));
         } else {
-            $params = array('id' => $_GET['id']);
+            $LMS->EventClose(array('id' => $id));
         }
-        $LMS->EventClose($params);
         $SESSION->redirect($backurl);
         break;
     case 'assign':
         if ($event['closed'] != 1 || ($event['closed'] == 1 && $aee && ((time() - $event['closeddate']) < $aee)) || ConfigHelper::checkPrivilege('superuser')) {
-            $LMS->AssignUserToEvent($_GET['id'], Auth::GetCurrentUser());
+            $LMS->AssignUserToEvent($id, Auth::GetCurrentUser());
             $SESSION->remove_history_entry();
             $SESSION->redirect($backurl);
         } else {
@@ -90,7 +92,7 @@
         break;
     case 'unassign':
         if ($event['closed'] != 1 || ($event['closed'] == 1 && $aee && ((time() - $event['closeddate']) < $aee)) || ConfigHelper::checkPrivilege('superuser')) {
-            $LMS->UnassignUserFromEvent($_GET['id'], Auth::GetCurrentUser());
+            $LMS->UnassignUserFromEvent($id, Auth::GetCurrentUser());
             $SESSION->remove_history_entry();
             $SESSION->redirect($backurl);
         } else {