JanKanis avatar JanKanis committed 0c17062

check for illegal projectcodes; rename $fields to $allfields

Comments (0)

Files changed (1)

aanmeldscript.php

 date_default_timezone_set($timezone);
 $velden = index(parsecsv($csvvelden), 'code');
 $janee = index(parsecsv($janeevragen), 'code');
-$fields = array_merge(array_keys($velden), array_keys($janee), array('opmerkingen'));
+$allfields = array_merge(array_keys($velden), array_keys($janee), array('opmerkingen'));
 
 $aanmelding = Null;
 $displayform = True;
 
 // return array('success'=>bool, 'displayform'=>bool, 'fout'=>string?, 'aanmelding'=>array)
 function savepost() {
-	global $velden, $janee,  $fields;
+	global $velden, $janee, $allfields;
 	global $contactemail, $aanmeldemail, $app;
 
 	$aanmelding = array();
 	}
 
 	// WTF: Hier zou je een dictionary comprehension willen gebruiken
-	foreach($fields as $field) {
+	foreach($allfields as $field) {
 		$aanmelding[$field] = trim((string) @$_POST[$field]);
 	}
 
 		return $return;
 	}
 
+	// Check geldigheid van projectcodes
+
+	foreach($velden as $veld) {
+		if($veld['type'] != 'keuzes') continue;
+		$code = $aanmelding[$veld['code']];
+		if(!isset($app->projectendata[$code])) {
+			if($veld['verplicht'] != '1' and trim($code) == '') continue;
+			log_error("Onbekende projectcode in ingevuld formulier: '$code'");
+			$return['fout'] = "Er is een fout opgetreden: onbekend project";
+			$return['displayform'] = False;
+			return $return;
+		}
+	}
+
 	// Check emailadres
 
 	// het blijkt dat zo ongeveer alle printable ascii kararkters geldig zijn in het user deel van een
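Review bot: In the new projectcode check, the rejected value is written to the log verbatim: `$code` comes from `$_POST` and is only `trim()`med at the edges, so embedded CR/LF or other control characters, at any length, reach `log_error()`. Unless `log_error()` (not visible here) already neutralises them, a submitted form can forge or split log lines. Escape and cap the value before logging, e.g. `log_error("Onbekende projectcode in ingevuld formulier: '" . addcslashes(substr($code, 0, 64), "\0..\37\177") . "'");`, where 64 is an illustrative bound. The lookup also accepts any key of `$app->projectendata`; if a `keuzes` field is meant to offer only a subset of projects, validate against that field's own options instead. This failure branch sets `fout` and `displayform` but not `success`, so confirm `$return` is initialised with `success` false in the part of `savepost()` that lies outside the visible lines.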