CMS MADE SIMPLE FORGE

MC Factory

 
Back Back to List

[#7403] Not cleaning input params

avatar
Created By: Giorgio Graffieti (protempore)
Date Submitted: Fri Dec 30 04:53:28 -0500 2011

Assigned To: Jean-Christophe Cuvelier (totophe)
Version: MCFactory 3.1.2
CMSMS Version: 1.10.2
Severity: Major
Resolution: Fixed
State: Closed
Summary:
Not cleaning input params
Detailed Description:
in all forms created MCFactory core admin log is full with lines like:
Module is not properly cleaning input params


History

Comments
avatar 
Date: 2012-03-19 09:02
Posted By: manuel (manuel)

Same here, I've created a really basic module as a test (1 wysiwyg input and 1
image input) and this error appears in the admin log:
Module is not properly cleaning input params

Greetings,
Manuel
avatar 
Date: 2012-05-02 12:57
Posted By:  (Valmy)

Version: MCFactory 3.1.8
CMSMS Version: 1.10.1

Same problem for me, i have resolve it with change in 
\modules\MCFactory\smarty\templates\MCFModule.module.php.tpl
line ; 178
function InitializeGlobal() {  
    $this->RegisterModulePlugin();
	// Change by VALMY
	if (method_exists({{$module->getModuleName()}}Object,"InitializeGlobal") ) {
	{{$module->getModuleName()}}Object::InitializeGlobal($this);
	}
	// Change by VALMY

Now In Custom logic of your module you have to add this code :

static function InitializeGlobal($Module){
  $Module->RestrictUnknownParams(true);
$Module->SetParameterType("type",CLEAN_STRING);
}

You have to declare all your module parameter with this line 
$Module->SetParameterType("type",CLEAN_STRING);



You can use : CLEAN_INT CLEAN_FLOAT CLEAN_NONE  CLEAN_STRING:
avatar 
Date: 2013-04-16 16:52
Posted By: Adam Koontz (ak-designworks)

Are there any plans to resolve this issue in the next release? My customers are
getting large amounts of notices in the Admin Log which makes the Admin Log more
difficult to use.

Thanks!
avatar 
Date: 2013-04-17 06:38
Posted By: Jean-Christophe Cuvelier (totophe)

Hi there, sorry to answer late...

I know the problem, but I've no clean enough solution for the moment. Also I
don't like this feature of CMSMS. It "gives" more security but remove completely
the flexibility which is a foundation of MCFactory in the first place.

Also, if I implement it too strictly, it could badly break the
retro-compatibility with previous versions of the generated modules...

The method of Valmy is nice, but I don't like the fact to use the custom logic
to implement that because this piece of code don't belong there. I should create
a system allowing people to overload the Module class itself. So, for now, I
would suggest the ones who need this feature to use the Valmy solution, but I
cannot guaranty that I'll use this form when I'll try to implement something.

I'll have to look at this issue at some point. 

Best regards,

Jean-Christophe
avatar 
Date: 2013-06-27 11:45
Posted By: Jean-Christophe Cuvelier (totophe)

This has been fixed via a workaround. A better way of doing it will be
implemented along the version 2 of CMSMS.
Updates

Updated: 2013-06-27 11:45
resolution_id: => 7
state: Open => Closed