From b1a6a5a3991cec5cd08873b01376e45d0b247f18 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 14 Nov 2013 09:05:33 -0500
Subject: [PATCH] Cleaning up code to match coding guidelines

---
 interface/web/designer/module_nav_edit.php |  160 +++++++++++++++++++++++++----------------------------
 1 files changed, 76 insertions(+), 84 deletions(-)

diff --git a/interface/web/designer/module_nav_edit.php b/interface/web/designer/module_nav_edit.php
index 973692c..e7e63e1 100644
--- a/interface/web/designer/module_nav_edit.php
+++ b/interface/web/designer/module_nav_edit.php
@@ -27,129 +27,121 @@
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
 
-if($_SESSION["s"]["user"]["typ"] != "admin") die("Admin permissions required.");
-
-// Checke Berechtigungen f�r Modul
-if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
-	header("Location: ../index.php");
-	exit;
+//* Security checkpoint
+if($_SESSION['s']['user']['typ'] != 'admin'){
+	die('Admin permissions required.');
 }
+if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
 
-// Lade Template
+//* Check permissions for module
+$app->auth->check_module_permissions('designer');
+
+//* Load template
 $app->uses('tpl');
-$app->tpl->newTemplate("form.tpl.htm");
-$app->tpl->setInclude('content_tpl','templates/module_nav_edit.htm');
+$app->tpl->newTemplate('form.tpl.htm');
+$app->tpl->setInclude('content_tpl', 'templates/module_nav_edit.htm');
 
 // TODO: Check module and nav_id for malicius chars, nav_id can be empty or any number, even 0
-$module_name = $_REQUEST["module_name"];
-$nav_id = $_REQUEST["nav_id"];
+$module_name = $_REQUEST['module_name'];
+$nav_id = $_REQUEST['nav_id'];
 
-if(!preg_match('/^[A-Za-z0-9_]{1,50}$/',$module_name)) die("module_name contains invalid chars.");
-if(!preg_match('/^[A-Za-z0-9_]{0,50}$/',$nav_id)) die("nav_id contains invalid chars.");
-
-if(empty($module_name)) die("module is empty.");
+//** Sanity checks of module
+if(!preg_match('/^[A-Za-z0-9_]{1,50}$/', $module_name)){
+	die('module_name contains invalid chars.');
+}
+if(!preg_match('/^[A-Za-z0-9_]{0,50}$/', $nav_id)){
+	die('nav_id contains invalid chars.');
+}
+if(empty($module_name)){
+	die('module is empty.');
+}
 
 if(count($_POST) > 0) {
-	// Bestimme aktion
-	if($nav_id != '') {
-		$action = 'UPDATE';
-	} else {
-		$action = 'INSERT';
-	}
-	
+	//* Determine Action
+	$action = ($nav_id != '') ? 'UPDATE' : 'INSERT';
 	$error = '';
-	
+
 	// TODO: Check variables
 
-	
 	if($error == '') {
-	
-		$filename = "../".$module_name."/lib/module.conf.php";
-		
-		if(!@is_file($filename)) die("File not found: $filename");
-		include_once($filename);
-		
-		if($action == 'UPDATE') {
-			$items = $module["nav"][$nav_id]["items"];
-		} else {
-			$items = array();
-		}
-		
-		$tmp = array('title' =>$_POST["nav"]["title"],
-					 'open' => 1,
-					 'items' => $items);
-		
-		if($action == 'UPDATE') {
-			$module["nav"][$nav_id] = $tmp;
-		} else {
-			$module["nav"][] = $tmp;
-		}
-		
-		$m = "<?php\r\n".'$module = '.var_export($module,true)."\r\n?>";
-				
-		// writing module.conf
-		if (!$handle = fopen($filename, 'w')) { 
-			print "Cannot open file ($filename)"; 
-			exit; 
-		} 
 
-		if (!fwrite($handle, $m)) { 
-			print "Cannot write to file ($filename)"; 
-			exit; 
-		} 
-    
+		$filename = '../'.$module_name.'/lib/module.conf.php';
+
+		if(!@is_file($filename)){
+			die("File not found: $filename");
+		}
+		include_once $filename;
+
+		$items = ($action == 'UPDATE') ?  $module['nav'][$nav_id]['items'] : array();
+
+		$tmp = array('title' => $_POST['nav']['title'],
+			'open' =>  1,
+			'items' => $items);
+
+		if($action == 'UPDATE') {
+			$module['nav'][$nav_id] = $tmp;
+		} else {
+			$module['nav'][] = $tmp;
+		}
+
+		$m = "<?php\r\n".'$module = '.var_export($module, true)."\r\n?>";
+
+		//* writing module.conf
+		if (!$handle = fopen($filename, 'w')) {
+			die("Cannot open file ($filename)");
+		}
+
+		if (!fwrite($handle, $m)) {
+			die("Cannot write to file ($filename)");
+		}
+
 		fclose($handle);
-		
-		
-		// zu Liste springen
-    	header("Location: module_show.php?id=$module_name");
-        exit;
-			
+
+
+		//* Jump to list
+		header('Location: module_show.php?id='.urlencode($module_name));
+		exit;
+
 	} else {
-		$app->tpl->setVar("error","<b>Fehler:</b><br>".$error);
+		$app->tpl->setVar('error', '<b>Fehler:</b><br>'.$error);
 		$app->tpl->setVar($_POST);
 	}
 }
 
 if($nav_id != '') {
-// Datensatz besteht bereits
-	// bestehenden Datensatz anzeigen
+	//* Data record exists
 	if($error == '') {
-		// es liegt ein Fehler vor
-		include_once("../".$module_name."/lib/module.conf.php");
-		$record = $module["nav"][$nav_id];
+		include_once '../'.$module_name.'/lib/module.conf.php';
+		$record = $module['nav'][$nav_id];
 	} else {
-		// ein Fehler
+		//* error
 		$record = $_POST;
 	}
 	//$record["readonly"] = 'style="background-color: #EEEEEE;" readonly';
 } else {
-// neuer datensatz
+	//* New data record
 	if($error == '') {
-		// es liegt kein Fehler vor
+		//* es liegt kein Fehler vor
 	} else {
-		// ein Fehler
+		//* error
 		$record = $_POST;
-		
+
 	}
 	//$record["readonly"] = '';
 }
 
-$record["nav_id"] = $nav_id;
-$record["module_name"] = $module_name;
+$record['nav_id'] = $nav_id;
+$record['module_name'] = $module_name;
 
 $app->tpl->setVar($record);
 
-include_once("lib/lang/".$_SESSION["s"]["language"]."_module_nav_edit.lng");
+include_once 'lib/lang/'.$_SESSION['s']['language'].'_module_nav_edit.lng';
 $app->tpl->setVar($wb);
 
-// Defaultwerte setzen
 $app->tpl_defaults();
-
-// Template parsen
 $app->tpl->pparse();
 
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1