jilo-web/app/helpers/sanitize.php

<?php

// sanitize all input vars that may end up in URLs or forms

$platform_id = htmlspecialchars($_REQUEST['platform']);
if (isset($_REQUEST['page'])) {
    $page = htmlspecialchars($_REQUEST['page']);
} else {
    $page = 'dashboard';
}
if (isset($_REQUEST['item'])) {
    $item = htmlspecialchars($_REQUEST['item']);
} else {
    $item = '';
}

if (isset($_REQUEST['from_time'])) {
    $from_time = htmlspecialchars($_REQUEST['from_time']);
}
if (isset($_REQUEST['until_time'])) {
    $until_time = htmlspecialchars($_REQUEST['until_time']);
}

if (isset($_SESSION['notice'])) {
    $notice = htmlspecialchars($_SESSION['notice']); // 'notice' for all non-critical messages
}
if (isset($_SESSION['error'])) {
    $error = htmlspecialchars($_SESSION['error']); // 'error' for errors
}

// hosts
if (isset($_POST['address'])) {
    $address = htmlspecialchars($_POST['address']);
}
if (isset($_POST['port'])) {
    $port = htmlspecialchars($_POST['port']);
}
if (isset($_POST['name'])) {
    $name = htmlspecialchars($_POST['name']);
}

// agents
if (isset($_POST['type'])) {
    $type = htmlspecialchars($_POST['type']);
}
if (isset($_POST['url'])) {
    $url = htmlspecialchars($_POST['url']);
}
if (isset($_POST['secret_key'])) {
    $secret_key = htmlspecialchars($_POST['secret_key']);
}
if (isset($_POST['check_period'])) {
    $check_period = htmlspecialchars($_POST['check_period']);
}

// platforms
if (isset($_POST['name'])) {
    $name = htmlspecialchars($_POST['name']);
}


?>
Centralizes data sanitation 2024-10-04 08:36:45 +00:00			`<?php`
Sanitize all output 2024-10-04 11:18:28 +00:00
			`// sanitize all input vars that may end up in URLs or forms`
Centralizes data sanitation 2024-10-04 08:36:45 +00:00
			`$platform_id = htmlspecialchars($_REQUEST['platform']);`
			`if (isset($_REQUEST['page'])) {`
			`$page = htmlspecialchars($_REQUEST['page']);`
			`} else {`
			`$page = 'dashboard';`
			`}`
			`if (isset($_REQUEST['item'])) {`
			`$item = htmlspecialchars($_REQUEST['item']);`
			`} else {`
			`$item = '';`
			`}`
Sanitize all output 2024-10-04 11:18:28 +00:00
			`if (isset($_REQUEST['from_time'])) {`
			`$from_time = htmlspecialchars($_REQUEST['from_time']);`
			`}`
			`if (isset($_REQUEST['until_time'])) {`
			`$until_time = htmlspecialchars($_REQUEST['until_time']);`
			`}`

Centralizes data sanitation 2024-10-04 08:36:45 +00:00			`if (isset($_SESSION['notice'])) {`
			`$notice = htmlspecialchars($_SESSION['notice']); // 'notice' for all non-critical messages`
			`}`
			`if (isset($_SESSION['error'])) {`
			`$error = htmlspecialchars($_SESSION['error']); // 'error' for errors`
			`}`
Sanitize all output 2024-10-04 11:18:28 +00:00
Fixes add host pages 2024-10-30 17:11:23 +00:00			`// hosts`
			`if (isset($_POST['address'])) {`
			`$address = htmlspecialchars($_POST['address']);`
			`}`
			`if (isset($_POST['port'])) {`
			`$port = htmlspecialchars($_POST['port']);`
			`}`
			`if (isset($_POST['name'])) {`
			`$name = htmlspecialchars($_POST['name']);`
			`}`

Sanitize all output 2024-10-04 11:18:28 +00:00			`// agents`
			`if (isset($_POST['type'])) {`
			`$type = htmlspecialchars($_POST['type']);`
Centralizes data sanitation 2024-10-04 08:36:45 +00:00			`}`
Sanitize all output 2024-10-04 11:18:28 +00:00			`if (isset($_POST['url'])) {`
			`$url = htmlspecialchars($_POST['url']);`
			`}`
			`if (isset($_POST['secret_key'])) {`
			`$secret_key = htmlspecialchars($_POST['secret_key']);`
			`}`
Adds check period to agents config 2024-10-24 09:11:35 +00:00			`if (isset($_POST['check_period'])) {`
			`$check_period = htmlspecialchars($_POST['check_period']);`
			`}`
Sanitize all output 2024-10-04 11:18:28 +00:00
			`// platforms`
			`if (isset($_POST['name'])) {`
			`$name = htmlspecialchars($_POST['name']);`
Centralizes data sanitation 2024-10-04 08:36:45 +00:00			`}`


			`?>`