r1422 + check bypass arg type before calling the tab handler
authorDenis Ovsienko <infrastation@yandex.ru>
Mon, 24 Dec 2007 18:16:34 +0000 (18:16 +0000)
committerDenis Ovsienko <infrastation@yandex.ru>
Mon, 24 Dec 2007 18:16:34 +0000 (18:16 +0000)
inc/navigation.php
index.php

index b33f8ad064b261a607c6ab6fc8aa14d5d455134c..617a2812a82bb545c0e8b3c819e2d0990524d9b0 100644 (file)
@@ -54,6 +54,7 @@ $page['objgroup']['parent'] = 'objects';
 
 $page['object']['title'] = 'dynamic_title_object';
 $page['object']['bypass'] = 'object_id';
 
 $page['object']['title'] = 'dynamic_title_object';
 $page['object']['bypass'] = 'object_id';
+$page['object']['bypass_type'] = 'uint';
 $page['object']['parent'] = 'objgroup';
 $tab['object']['default'] = 'View';
 $tab['object']['edit'] = 'Properties';
 $page['object']['parent'] = 'objgroup';
 $tab['object']['default'] = 'View';
 $tab['object']['edit'] = 'Properties';
index c990c6221070c84296a92b26672dfb6e6c30348b..b4e92593eeb7118d887e2844b4bae7ccb32bebb8 100644 (file)
--- a/index.php
+++ b/index.php
@@ -71,8 +71,19 @@ foreach (array ('F', 'A', 'U', 'T', 'Th', 'Tw', 'Thw') as $statecode)
 <?php
 if (isset ($tabhandler[$pageno][$tabno]))
 {
 <?php
 if (isset ($tabhandler[$pageno][$tabno]))
 {
-       if (isset ($page[$pageno]['bypass']))
-               $tabhandler[$pageno][$tabno] ($page[$pageno]['bypass']);
+       if (isset ($page[$pageno]['bypass']) && isset ($page[$pageno]['bypass_type']))
+       {
+               switch ($page[$pageno]['bypass_type'])
+               {
+                       case 'uint':
+                               assertUIntArg ($page[$pageno]['bypass']);
+                               break;
+                       default:
+                               showError ("Dispatching error for bypass parameter");
+                               break;
+               }
+               $tabhandler[$pageno][$tabno] ($_REQUEST[$page[$pageno]['bypass']]);
+       }
        else
                $tabhandler[$pageno][$tabno] ();
 }
        else
                $tabhandler[$pageno][$tabno] ();
 }