Skip to content

Commit 17d9855

Browse files
MauricioFauthMauricioFauth
committed
Remove $_POST variables from Table\TrackingController
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
1 parent 4044c3b commit 17d9855

5 files changed

Lines changed: 91 additions & 86 deletions

File tree

libraries/classes/Controllers/Table/TrackingController.php

Lines changed: 11 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -98,6 +98,10 @@ public function __invoke(ServerRequest $request): void
9898

9999
$logType = $this->validateLogTypeParam($request->getParsedBodyParam('log_type'));
100100

101+
$dateFrom = '';
102+
$dateTo = '';
103+
$users = '';
104+
101105
// Init vars for tracking report
102106
if ($report || $reportExport !== null) {
103107
$trackedData = Tracker::getTrackedData(
@@ -108,21 +112,10 @@ public function __invoke(ServerRequest $request): void
108112

109113
/** @var string $dateFrom */
110114
$dateFrom = $request->getParsedBodyParam('date_from', $trackedData['date_from']);
111-
if (! isset($_POST['date_from'])) {
112-
$_POST['date_from'] = $trackedData['date_from'];
113-
}
114-
115115
/** @var string $dateTo */
116116
$dateTo = $request->getParsedBodyParam('date_to', $trackedData['date_to']);
117-
if (! isset($_POST['date_to'])) {
118-
$_POST['date_to'] = $trackedData['date_to'];
119-
}
120-
121117
/** @var string $users */
122118
$users = $request->getParsedBodyParam('users', '*');
123-
if (! isset($_POST['users'])) {
124-
$_POST['users'] = '*';
125-
}
126119

127120
$GLOBALS['filter_ts_from'] = strtotime($dateFrom);
128121
$GLOBALS['filter_ts_to'] = strtotime($dateTo);
@@ -235,8 +228,8 @@ public function __invoke(ServerRequest $request): void
235228
$GLOBALS['table'],
236229
$versionParam,
237230
$trackedData,
238-
isset($_POST['delete_ddlog']),
239-
isset($_POST['delete_dmlog'])
231+
$request->hasBodyParam('delete_ddlog'),
232+
$request->hasBodyParam('delete_dmlog')
240233
);
241234
}
242235

@@ -248,7 +241,11 @@ public function __invoke(ServerRequest $request): void
248241
$logType,
249242
(int) $GLOBALS['filter_ts_to'],
250243
(int) $GLOBALS['filter_ts_from'],
251-
$GLOBALS['filter_users']
244+
$GLOBALS['filter_users'],
245+
$versionParam,
246+
$dateFrom,
247+
$dateTo,
248+
$users
252249
);
253250
}
254251

libraries/classes/Tracking.php

Lines changed: 64 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -224,7 +224,11 @@ public function getHtmlForTrackingReport(
224224
string $logType,
225225
$filter_ts_to,
226226
$filter_ts_from,
227-
array $filter_users
227+
array $filter_users,
228+
string $version,
229+
string $dateFrom,
230+
string $dateTo,
231+
string $users
228232
) {
229233
$html = '<h3>' . __('Tracking report')
230234
. ' [<a href="' . Url::getFromRoute('/table/tracking', $url_params) . '">' . __('Close')
@@ -234,7 +238,12 @@ public function getHtmlForTrackingReport(
234238
. htmlspecialchars($data['tracking']) . '</small><br>';
235239
$html .= '<br>';
236240

237-
[$str1, $str2, $str3, $str4, $str5] = $this->getHtmlForElementsOfTrackingReport($logType);
241+
[$str1, $str2, $str3, $str4, $str5] = $this->getHtmlForElementsOfTrackingReport(
242+
$logType,
243+
$dateFrom,
244+
$dateTo,
245+
$users
246+
);
238247

239248
// Prepare delete link content here
240249
$drop_image_or_text = '';
@@ -267,10 +276,23 @@ public function getHtmlForTrackingReport(
267276
$str3,
268277
$str4,
269278
$str5,
270-
$drop_image_or_text
279+
$drop_image_or_text,
280+
$version
271281
);
272282

273-
$html .= $this->getHtmlForTrackingReportExportForm2($url_params, $str1, $str2, $str3, $str4, $str5, $logType);
283+
$html .= $this->getHtmlForTrackingReportExportForm2(
284+
$url_params,
285+
$str1,
286+
$str2,
287+
$str3,
288+
$str4,
289+
$str5,
290+
$logType,
291+
$version,
292+
$dateFrom,
293+
$dateTo,
294+
$users
295+
);
274296

275297
$html .= "<br><br><hr><br>\n";
276298

@@ -282,10 +304,14 @@ public function getHtmlForTrackingReport(
282304
*
283305
* @psalm-param 'schema'|'data'|'schema_and_data' $logType
284306
*
285-
* @return array
307+
* @return string[]
286308
*/
287-
public function getHtmlForElementsOfTrackingReport(string $logType)
288-
{
309+
public function getHtmlForElementsOfTrackingReport(
310+
string $logType,
311+
string $dateFrom,
312+
string $dateTo,
313+
string $users
314+
): array {
289315
$str1 = '<select name="log_type">'
290316
. '<option value="schema"'
291317
. ($logType === 'schema' ? ' selected="selected"' : '') . '>'
@@ -298,11 +324,11 @@ public function getHtmlForElementsOfTrackingReport(string $logType)
298324
. __('Structure and data') . '</option>'
299325
. '</select>';
300326
$str2 = '<input type="text" name="date_from" value="'
301-
. htmlspecialchars($_POST['date_from']) . '" size="19">';
327+
. htmlspecialchars($dateFrom) . '" size="19">';
302328
$str3 = '<input type="text" name="date_to" value="'
303-
. htmlspecialchars($_POST['date_to']) . '" size="19">';
329+
. htmlspecialchars($dateTo) . '" size="19">';
304330
$str4 = '<input type="text" name="users" value="'
305-
. htmlspecialchars($_POST['users']) . '">';
331+
. htmlspecialchars($users) . '">';
306332
$str5 = '<input type="hidden" name="list_report" value="1">'
307333
. '<input class="btn btn-primary" type="submit" value="' . __('Go') . '">';
308334

@@ -345,14 +371,15 @@ public function getHtmlForTrackingReportExportForm1(
345371
$str3,
346372
$str4,
347373
$str5,
348-
$drop_image_or_text
374+
$drop_image_or_text,
375+
string $version
349376
) {
350377
$ddlog_count = 0;
351378

352379
$html = '<form method="post" action="' . Url::getFromRoute('/table/tracking') . '">';
353380
$html .= Url::getHiddenInputs($url_params + [
354381
'report' => 'true',
355-
'version' => $_POST['version'],
382+
'version' => $version,
356383
]);
357384

358385
$html .= sprintf(
@@ -371,7 +398,8 @@ public function getHtmlForTrackingReportExportForm1(
371398
$filter_ts_from,
372399
$filter_ts_to,
373400
$url_params,
374-
$drop_image_or_text
401+
$drop_image_or_text,
402+
$version
375403
);
376404
$html .= $temp;
377405
unset($temp);
@@ -386,7 +414,8 @@ public function getHtmlForTrackingReportExportForm1(
386414
$filter_ts_to,
387415
$url_params,
388416
$ddlog_count,
389-
$drop_image_or_text
417+
$drop_image_or_text,
418+
$version
390419
);
391420
}
392421

@@ -415,12 +444,16 @@ public function getHtmlForTrackingReportExportForm2(
415444
$str3,
416445
$str4,
417446
$str5,
418-
string $logType
447+
string $logType,
448+
string $version,
449+
string $dateFrom,
450+
string $dateTo,
451+
string $users
419452
) {
420453
$html = '<form method="post" action="' . Url::getFromRoute('/table/tracking') . '">';
421454
$html .= Url::getHiddenInputs($url_params + [
422455
'report' => 'true',
423-
'version' => $_POST['version'],
456+
'version' => $version,
424457
]);
425458

426459
$html .= sprintf(
@@ -436,11 +469,11 @@ public function getHtmlForTrackingReportExportForm2(
436469
$html .= '<form class="disableAjax" method="post" action="' . Url::getFromRoute('/table/tracking') . '">';
437470
$html .= Url::getHiddenInputs($url_params + [
438471
'report' => 'true',
439-
'version' => $_POST['version'],
472+
'version' => $version,
440473
'log_type' => $logType,
441-
'date_from' => $_POST['date_from'],
442-
'date_to' => $_POST['date_to'],
443-
'users' => $_POST['users'],
474+
'date_from' => $dateFrom,
475+
'date_to' => $dateTo,
476+
'users' => $users,
444477
'report_export' => 'true',
445478
]);
446479

@@ -483,7 +516,8 @@ public function getHtmlForDataManipulationStatements(
483516
$filter_ts_to,
484517
array $url_params,
485518
$ddlog_count,
486-
$drop_image_or_text
519+
$drop_image_or_text,
520+
string $version
487521
) {
488522
// no need for the second returned parameter
489523
[$html] = $this->getHtmlForDataStatements(
@@ -496,7 +530,8 @@ public function getHtmlForDataManipulationStatements(
496530
'dmlog',
497531
__('Data manipulation statement'),
498532
$ddlog_count,
499-
'dml_versions'
533+
'dml_versions',
534+
$version
500535
);
501536

502537
return $html;
@@ -520,7 +555,8 @@ public function getHtmlForDataDefinitionStatements(
520555
$filter_ts_from,
521556
$filter_ts_to,
522557
array $url_params,
523-
$drop_image_or_text
558+
$drop_image_or_text,
559+
string $version
524560
) {
525561
[$html, $line_number] = $this->getHtmlForDataStatements(
526562
$data,
@@ -532,7 +568,8 @@ public function getHtmlForDataDefinitionStatements(
532568
'ddlog',
533569
__('Data definition statement'),
534570
1,
535-
'ddl_versions'
571+
'ddl_versions',
572+
$version
536573
);
537574

538575
return [
@@ -567,7 +604,8 @@ private function getHtmlForDataStatements(
567604
$whichLog,
568605
$headerMessage,
569606
$lineNumber,
570-
$tableId
607+
$tableId,
608+
string $version
571609
) {
572610
$offset = $lineNumber;
573611
$entries = [];
@@ -583,7 +621,7 @@ private function getHtmlForDataStatements(
583621
$deleteParam = 'delete_' . $whichLog;
584622
$entry['url_params'] = Url::getCommon($urlParams + [
585623
'report' => 'true',
586-
'version' => $_POST['version'],
624+
'version' => $version,
587625
$deleteParam => $lineNumber - $offset,
588626
], '');
589627
$entry['line_number'] = $lineNumber;

phpstan-baseline.neon

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -8485,11 +8485,6 @@ parameters:
84858485
count: 1
84868486
path: libraries/classes/Tracking.php
84878487

8488-
-
8489-
message: "#^Method PhpMyAdmin\\\\Tracking\\:\\:getHtmlForElementsOfTrackingReport\\(\\) return type has no value type specified in iterable type array\\.$#"
8490-
count: 1
8491-
path: libraries/classes/Tracking.php
8492-
84938488
-
84948489
message: "#^Method PhpMyAdmin\\\\Tracking\\:\\:getHtmlForIndexes\\(\\) has parameter \\$indexes with no value type specified in iterable type array\\.$#"
84958490
count: 1

psalm-baseline.xml

Lines changed: 3 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -13583,8 +13583,7 @@
1358313583
</RedundantConditionGivenDocblockType>
1358413584
</file>
1358513585
<file src="libraries/classes/Tracking.php">
13586-
<InvalidArgument occurrences="1"/>
13587-
<MixedArgument occurrences="31">
13586+
<MixedArgument occurrences="21">
1358813587
<code>$columns</code>
1358913588
<code>$data[$which_log]</code>
1359013589
<code>$data['ddlog']</code>
@@ -13605,18 +13604,9 @@
1360513604
<code>$indexes</code>
1360613605
<code>$selected_table</code>
1360713606
<code>$selected_table</code>
13608-
<code>$str1</code>
13609-
<code>$str1</code>
13610-
<code>$str2</code>
13611-
<code>$str2</code>
13612-
<code>$str3</code>
13613-
<code>$str3</code>
13614-
<code>$str4</code>
13615-
<code>$str4</code>
13616-
<code>$str5</code>
13617-
<code>$str5</code>
1361813607
<code>$value['Name']</code>
1361913608
</MixedArgument>
13609+
<MixedArgumentTypeCoercion occurrences="1"/>
1362013610
<MixedArrayAccess occurrences="17">
1362113611
<code>$data[$which_log][$delete_id]</code>
1362213612
<code>$entry['date']</code>
@@ -13678,10 +13668,7 @@
1367813668
<code>$sep</code>
1367913669
<code>$sep</code>
1368013670
</PossiblyFalseOperand>
13681-
<PossiblyInvalidArgument occurrences="4">
13682-
<code>$_POST['date_from']</code>
13683-
<code>$_POST['date_to']</code>
13684-
<code>$_POST['users']</code>
13671+
<PossiblyInvalidArgument occurrences="1">
1368513672
<code>$data['schema_snapshot']</code>
1368613673
</PossiblyInvalidArgument>
1368713674
<PossiblyInvalidArrayOffset occurrences="2">

0 commit comments

Comments
 (0)