From dd61058e6020c04f05145a7a65db4cc30253c6e9 Mon Sep 17 00:00:00 2001 From: Jonathan Ernst Date: Tue, 14 Dec 2004 02:35:16 +0000 Subject: [PATCH] - replaced global vars with superglobals equivalent --- admin/adminMaintainerQueue.php | 24 ++++++------ admin/editAppVersion.php | 70 +++++++++++++++++----------------- 2 files changed, 47 insertions(+), 47 deletions(-) diff --git a/admin/adminMaintainerQueue.php b/admin/adminMaintainerQueue.php index b897951..f267b33 100644 --- a/admin/adminMaintainerQueue.php +++ b/admin/adminMaintainerQueue.php @@ -23,15 +23,15 @@ if(!loggedin()) apidb_header("Admin Maintainer Queue"); echo '
',"\n"; -if ($sub) +if ($_REQUEST['sub']) { - if ($queueId) + if ($_REQUEST['queueId']) { //get data $query = "SELECT queueId, appId, versionId,". "userId, maintainReason, superMaintainer,". "UNIX_TIMESTAMP(submitTime) as submitTime ". - "FROM appMaintainerQueue WHERE queueId = $queueId;"; + "FROM appMaintainerQueue WHERE queueId = ".$_REQUEST['queueId'].";"; $result = mysql_query($query); $ob = mysql_fetch_object($result); mysql_free_result($result); @@ -45,7 +45,7 @@ if ($sub) } //process according to which request was submitted and optionally the sub flag - if (!$_REQUEST['add'] && !$_REQUEST['reject'] && $queueId) + if (!$_REQUEST['add'] && !$_REQUEST['reject'] && $_REQUEST['queueId']) { $x = new TableVE("view"); @@ -155,20 +155,20 @@ if ($sub) /* Add button */ echo '' ,"\n"; - echo ' ',"\n"; + echo ' ',"\n"; /* Reject button */ echo '' ,"\n"; - echo '',"\n"; + echo '',"\n"; echo '',"\n"; - echo '',"\n"; - echo '',"\n"; + echo '',"\n"; + echo '',"\n"; echo html_frame_end(" "); echo html_back_link(1,'adminMaintainerQueue.php'); } - else if ($_REQUEST['add'] && $queueId) + else if ($_REQUEST['add'] && $_REQUEST['queueId']) { //add this user, app and version to the database $statusMessage = ""; @@ -187,7 +187,7 @@ if ($sub) $statusMessage = "
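Review bot: The SELECT built in this hunk concatenates `$_REQUEST['queueId']` straight into the SQL text with no quoting or type check, so any non-numeric request value becomes part of the statement; the two DELETE statements in hunks -187,7 and -230,7 do the same. Replacing the register_globals variable with the superglobal carries that behaviour over rather than fixing it. queueId appears to be used as a numeric key, so cast it once near the top, `$queueId = (int)$_REQUEST['queueId'];`, and keep `$queueId` in all three queries. The enclosing `if` block continues outside this hunk.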

The application was successfully added into the database

\n"; //delete the item from the queue - mysql_query("DELETE from appMaintainerQueue where queueId = $queueId;"); + mysql_query("DELETE from appMaintainerQueue where queueId = ".$_REQUEST['queueId'].";"); $goodtogo = 1; /* set to 1 so we send the response email */ } else @@ -215,7 +215,7 @@ if ($sub) echo html_frame_end(" "); echo html_back_link(1,'adminMaintainerQueue.php'); } - else if (($_REQUEST['reject'] || ($sub == 'reject')) && $queueId) + else if (($_REQUEST['reject'] || ($_REQUEST['sub'] == 'reject')) && $_REQUEST['queueId']) { if (lookupEmail($ob->userId)) { @@ -230,7 +230,7 @@ if ($sub) } //delete main item - $query = "DELETE from appMaintainerQueue where queueId = $queueId;"; + $query = "DELETE from appMaintainerQueue where queueId = ".$_REQUEST['queueId'].";"; $result = mysql_query($query); echo html_frame_start("Delete maintainer application",400,"",0); if(!$result) diff --git a/admin/editAppVersion.php b/admin/editAppVersion.php index 9346531..937d4d9 100644 --- a/admin/editAppVersion.php +++ b/admin/editAppVersion.php @@ -9,20 +9,20 @@ require(BASE."include/"."application.php"); //check for admin privs -if(!loggedin() || (!havepriv("admin") && !isMaintainer($appId, $versionId)) ) +if(!loggedin() || (!havepriv("admin") && !isMaintainer($_REQUEST['appId'], $_REQUEST['versionId'])) ) { errorpage("Insufficient Privileges!"); exit; } -if($HTTP_POST_VARS) +if(isset($_REQUEST['submit1'])) { - if($submit1 == "Update Database") + if($_REQUEST['submit1'] == "Update Database") { $statusMessage = ''; // Get the old values from the database - $query = "SELECT * FROM appVersion WHERE appId = $appId and versionId = $versionId"; + $query = "SELECT * FROM appVersion WHERE appId = ".$_REQUEST['appId']." and versionId = ".$_REQUEST['versionId']; $result = mysql_query($query); $ob = mysql_fetch_object($result); $old_versionName = $ob->versionName; 
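Review bot: `$_REQUEST['appId']` and `$_REQUEST['versionId']` go unquoted and unvalidated into the `SELECT * FROM appVersion` query in hunk -9,20, and again into the UPDATE's WHERE clause in hunk -68,18; the quoted SELECT in hunk -96,28 is no safer, because quoting without escaping still lets a `'` end the literal. Both look like integer keys, so `$appId = (int)$_REQUEST['appId']; $versionId = (int)$_REQUEST['versionId'];` placed before the privilege check and used everywhere below would also guarantee that isMaintainer() and the queries see the same value. Separately, `isset($_REQUEST['submit1'])` replaces a test on `$HTTP_POST_VARS`, so the update branch can now be entered from a query string or cookie; `$_POST['submit1']` would keep it POST-only.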
@@ -30,9 +30,9 @@ if($HTTP_POST_VARS) $old_description = $ob->description; $old_webPage = $ob->webPage; - $versionName = addslashes($versionName); - $description = addslashes($description); - $webPage = addslashes($webPage); + $versionName = addslashes($_REQUEST['versionName']); + $description = addslashes($_REQUEST['description']); + $webPage = addslashes($_REQUEST['webPage']); $VersionChanged = false; if ($old_versionName <> $versionName) { @@ -40,7 +40,7 @@ if($HTTP_POST_VARS) $WhatChanged .= " New Value: ".stripslashes($versionName)."\n"; $VersionChanged = true; } - if ($old_keywords <> $keywords) + if ($old_keywords <> $_REQUEST['keywords']) { $WhatChanged .= " Key Words: Old Value: ".stripslashes($old_keywords)."\n"; $WhatChanged .= " New Value: ".stripslashes($keywords)."\n"; @@ -68,18 +68,18 @@ if($HTTP_POST_VARS) if ($VersionChanged) { $query = "UPDATE appVersion SET versionName = '".$versionName."', ". - "keywords = '".$keywords."', ". + "keywords = '".$_REQUEST['keywords']."', ". "description = '".$description."', ". "webPage = '".$webPage."'". - " WHERE appId = $appId and versionId = $versionId"; + " WHERE appId = ".$_REQUEST['appId']." and versionId = ".$_REQUEST['versionId']; if (mysql_query($query)) { - //success - $email = getNotifyEmailAddressList($appId, $versionId); + //success + $email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']); if($email) { - $fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId); - $ms .= APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n"; + $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); + $ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n"; $ms .= "\n"; $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." changed ".$fullAppName."\n"; $ms .= "\n"; 
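Review bot: `$keywords` is no longer assigned anywhere in the visible hunks: the comparison in hunk -40,7 was switched to `$_REQUEST['keywords']`, but the context line after it still builds the notification text from `stripslashes($keywords)`, which will be empty once register_globals is off. The UPDATE in hunk -68,18 then writes `$_REQUEST['keywords']` between quotes without the `addslashes()` that the other three fields receive in hunk -30,9, so a quote character in the keywords field ends the SQL literal. Adding `$keywords = addslashes($_REQUEST['keywords']);` beside the other three assignments and using `$keywords` in the comparison and the query addresses both. `mysql_real_escape_string()` would be the charset-aware choice if a connection is already open at that point.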
@@ -96,28 +96,28 @@ if($HTTP_POST_VARS) addmsg("mesage sent to: ".$email, green); addmsg("The Version was successfully updated in the database", "green"); - redirect(apidb_fullurl("appview.php?appId=$appId&versionId=$versionId")); - } - else - { - //error - $statusMessage = "

Database Error!
".mysql_error()."

\n"; + redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); + } + else + { + //error + $statusMessage = "

Database Error!
".mysql_error()."

\n"; addmsg($statusMessage, "red"); - redirect(apidb_fullurl("admin/editAppVersion.php?appId=$appId&versionId=$versionId")); - } - + redirect(apidb_fullurl("admin/editAppVersion.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); + } + } else { addmsg("Nothing changed", "red"); - redirect(apidb_fullurl("admin/editAppVersion.php?appId=$appId&versionId=$versionId")); + redirect(apidb_fullurl("admin/editAppVersion.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); } } - exit; + exit; } else { $query = "SELECT versionName, keywords, ". "description, webPage from appVersion WHERE ". - "appId = '$appId' and versionId = '$versionId'"; + "appId = '".$_REQUEST['appId']."' and versionId = '".$_REQUEST['versionId']."'"; if(debugging()) { echo "

query: $query

"; } $result = mysql_query($query); @@ -126,20 +126,20 @@ if($HTTP_POST_VARS) apidb_header("Edit Application Version"); echo "\n"; - echo html_frame_start("Data for Application ID: $appId Version ID: $versionId", "90%","",0); + echo html_frame_start("Data for Application ID: ".$_REQUEST['appId']." Version ID: ".$_REQUEST['versionId'], "90%","",0); echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'"); - echo ''; - echo ''; - echo ''; - echo 'Name'.lookupAppName($appId).'',"\n"; - echo 'Version',"\n"; - echo 'Keywords',"\n"; + echo ''; + echo ''; + echo ''; + echo 'Name'.lookupAppName($_REQUEST['appId']).'',"\n"; + echo 'Version',"\n"; + echo 'Keywords',"\n"; echo 'Description', "\n"; echo '',"\n"; - echo 'Web Page',"\n"; + echo 'Web Page',"\n"; - echo '',"\n"; + echo '',"\n"; echo html_table_end(); echo html_frame_end();
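Review bot: The redirect targets in hunk -96,28 are built by concatenating `$_REQUEST['appId']` and `$_REQUEST['versionId']` into the URL, and hunk -126,20 passes the same raw values to `html_frame_start()` as page text, so request-controlled text reaches a response header and the HTML output unencoded. Whether `redirect()`, `apidb_fullurl()` or `html_frame_start()` encode their arguments is not visible here. Unless they do, use integer-cast copies of both ids, or `urlencode()` for the URLs and `htmlspecialchars()` for the frame title. The debug `echo` of `$query` in the context lines prints the same input when debugging() is enabled.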