jilo-web/app/includes/sanitize.php

<?php

// sanitize all input vars that may end up in URLs or forms

$platform_id = htmlspecialchars($_REQUEST['platform'] ?? '');
if (isset($_REQUEST['page'])) {
    $page = htmlspecialchars($_REQUEST['page']);
} else {
    $page = 'dashboard';
}
if (isset($_REQUEST['item'])) {
    $item = htmlspecialchars($_REQUEST['item']);
} else {
    $item = '';
}

if (isset($_REQUEST['from_time'])) {
    $from_time = htmlspecialchars($_REQUEST['from_time']);
}
if (isset($_REQUEST['until_time'])) {
    $until_time = htmlspecialchars($_REQUEST['until_time']);
}

// sanitize session vars
if (isset($_SESSION)) {
    foreach ($_SESSION as $key => $value) {
        if (is_string($value)) {
            $_SESSION[$key] = htmlspecialchars($value);
        }
    }
}

// hosts
if (isset($_POST['address'])) {
    $address = htmlspecialchars($_POST['address']);
}
if (isset($_POST['port'])) {
    $port = htmlspecialchars($_POST['port']);
}
if (isset($_POST['name'])) {
    $name = htmlspecialchars($_POST['name']);
}

// agents
if (isset($_POST['type'])) {
    $type = htmlspecialchars($_POST['type']);
}
if (isset($_POST['url'])) {
    $url = htmlspecialchars($_POST['url']);
}
if (isset($_POST['secret_key'])) {
    $secret_key = htmlspecialchars($_POST['secret_key']);
}
if (isset($_POST['check_period'])) {
    $check_period = htmlspecialchars($_POST['check_period']);
}

// platforms
if (isset($_POST['name'])) {
    $name = htmlspecialchars($_POST['name']);
}


?>
Centralizes data sanitation 2024-10-04 08:36:45 +00:00			`<?php`
Sanitize all output 2024-10-04 11:18:28 +00:00
			`// sanitize all input vars that may end up in URLs or forms`
Centralizes data sanitation 2024-10-04 08:36:45 +00:00
Adds validation to registration form 2025-02-10 17:25:17 +00:00			`$platform_id = htmlspecialchars($_REQUEST['platform'] ?? '');`
Centralizes data sanitation 2024-10-04 08:36:45 +00:00			`if (isset($_REQUEST['page'])) {`
			`$page = htmlspecialchars($_REQUEST['page']);`
			`} else {`
			`$page = 'dashboard';`
			`}`
			`if (isset($_REQUEST['item'])) {`
			`$item = htmlspecialchars($_REQUEST['item']);`
			`} else {`
			`$item = '';`
			`}`
Sanitize all output 2024-10-04 11:18:28 +00:00
			`if (isset($_REQUEST['from_time'])) {`
			`$from_time = htmlspecialchars($_REQUEST['from_time']);`
			`}`
			`if (isset($_REQUEST['until_time'])) {`
			`$until_time = htmlspecialchars($_REQUEST['until_time']);`
			`}`

Implements and troubleshoots new messages system 2025-01-06 09:13:28 +00:00			`// sanitize session vars`
			`if (isset($_SESSION)) {`
			`foreach ($_SESSION as $key => $value) {`
			`if (is_string($value)) {`
			`$_SESSION[$key] = htmlspecialchars($value);`
			`}`
			`}`
			`}`

Fixes add host pages 2024-10-30 17:11:23 +00:00			`// hosts`
			`if (isset($_POST['address'])) {`
			`$address = htmlspecialchars($_POST['address']);`
			`}`
			`if (isset($_POST['port'])) {`
			`$port = htmlspecialchars($_POST['port']);`
			`}`
			`if (isset($_POST['name'])) {`
			`$name = htmlspecialchars($_POST['name']);`
			`}`

Sanitize all output 2024-10-04 11:18:28 +00:00			`// agents`
			`if (isset($_POST['type'])) {`
			`$type = htmlspecialchars($_POST['type']);`
Centralizes data sanitation 2024-10-04 08:36:45 +00:00			`}`
Sanitize all output 2024-10-04 11:18:28 +00:00			`if (isset($_POST['url'])) {`
			`$url = htmlspecialchars($_POST['url']);`
			`}`
			`if (isset($_POST['secret_key'])) {`
			`$secret_key = htmlspecialchars($_POST['secret_key']);`
			`}`
Adds check period to agents config 2024-10-24 09:11:35 +00:00			`if (isset($_POST['check_period'])) {`
			`$check_period = htmlspecialchars($_POST['check_period']);`
			`}`
Sanitize all output 2024-10-04 11:18:28 +00:00
			`// platforms`
			`if (isset($_POST['name'])) {`
			`$name = htmlspecialchars($_POST['name']);`
Centralizes data sanitation 2024-10-04 08:36:45 +00:00			`}`


			`?>`