[AppDB] App-Submit improvements - version 2

Paul van Schayck info at wwwdesign.tmfweb.nl
Wed Mar 17 01:39:06 CST 2004


Hey,

There were two small bugs inside my previous patch.
 (I now have the AppDB running local). This is the whole patch again.

Changelog:
Check the submitted input. Switched to $_REQUEST.

Index: appdb/appsubmit.php
===================================================================
RCS file: /home/wine/appdb/appsubmit.php,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 appsubmit.php
--- appdb/appsubmit.php	15 Mar 2004 16:22:00 -0000	1.1.1.1
+++ appdb/appsubmit.php	17 Mar 2004 07:32:27 -0000
@@ -1,37 +1,83 @@
 <?

 /* code to Submit a new application */
-/*   last modified 06-06-01 by Jeremy Newman */

+// Check the input of a submitted form. And output with a list
+// of errors. (<ul></ul>)
+function checkInput( $fields )
+{
+	$errors = "";
+
+	if( strlen($fields['queueName']) > 200 )
+	{
+		$errors .= "<li>Your application name is too long.</li>\n";
+	}
+
+	if( empty( $fields['queueName']) )
+	{
+		$errors .= "<li>Please enter an application name.</li>\n";
+	}
+
+	if( empty( $fields['queueVersion']) )
+	{
+		$errors .= "<li>Please enter an application version.</li>\n";
+	}
+
+	if( empty( $fields['queueVendor']) )
+	{
+		$errors .= "<li>Please enter a vendor.</li>\n";
+	}
+
+	if( empty( $fields['queueDesc']) )
+	{
+		$errors .= "<li>Please enter a description of your application.</li>\n";
+	}
+
+	// Not empty and an invalid e-mail address
+	if( !empty( $fields['queueEmail']) AND !preg_match('/^[A-Za-z0-9\._-]+[@][A-Za-z0-9_-]+([.][A-Za-z0-9_-]+)+[A-Za-z]$/',$fields['queueEmail']) )
+	{
+		$errors .= "<li>Please enter a valid e-mail address.</li>\n";
+	}
+
+	if( empty($errors) )
+	{
+		return "";
+	}
+	else
+	{
+		return $errors;
+	}
+}

 include("path.php");
 require(BASE."include/"."incl.php");
 global $current;

-// set email field if logged in
-if ($current && loggedin())
-{
-    $email = $current->lookup_email($current->userid);
-}
-
-//header
-apidb_header("Submit Application");
-
-
-if ($queueName)
+if ($_REQUEST['queueName'])
 {
 	// add to queue

+	// Check input and exit if we found errors
+	$errors = checkInput($_REQUEST);
+	if( !empty($errors) )
+	{
+		errorpage("We found the following errors:","<ul>$errors</ul><br>Please go back and correct them.");
+		exit;
+	}
+
+	// header
+	apidb_header("Submit Application");
+
 	//FIXME: need to get image upload in

 	$query = "INSERT INTO appQueue VALUES (null, '".
-			addslashes($queueName)."', '".
-			addslashes($queueVersion)."', '".
-			addslashes($queueVendor)."', '".
-            addslashes($queueDesc)."', '".
-			addslashes($queueEmail)."', '".
-			addslashes($queueURL)."', '".
-			addslashes($queueImage)."');";
+			addslashes($_REQUEST['queueName'])."', '".
+			addslashes($_REQUEST['queueVersion'])."', '".
+			addslashes($_REQUEST['queueVendor'])."', '".
+			addslashes($_REQUEST['queueDesc'])."', '".
+			addslashes($_REQUEST['queueEmail'])."', '".
+			addslashes($_REQUEST['queueURL'])."', '".
+			addslashes($_REQUEST['queueImage'])."');";

 	mysql_query($query);

@@ -50,6 +96,15 @@
 }
 else
 {
+	// set email field if logged in
+	if ($current && loggedin())
+	{
+    	$email = $current->lookup_email($current->userid);
+	}
+
+	// header
+	apidb_header("Submit Application");
+
 	// show add to queue form

 	echo '<form name="newApp" action="appsubmit.php" method="post" enctype="multipart/form-data">',"\n";
@@ -58,8 +113,10 @@
 	echo "database. The application will be reviewed by the AppDB Administrator\n";
 	echo "and you will be notified via email if this application will be added to\n";
 	echo "the database.</p>\n";
-	echo "<p>Please don't forget to mention whether you actually tested this\n";
-	echo "application under Wine, which Wine version you used and how well it worked. Thank you !</p>\n";
+	echo "<p>Please don't forget to mention which Wine version you used, how well it worked\n";
+	echo "and if any workaround were needed. Haveing app descriptions just sponsoring the app\n";
+	echo "(Yes, some vendor want to use the appdb for this) or saying \"I haven't tried this app with wine\" ";
+	echo "won't help wine development or wine users.</p>\n";
 	echo "<p>To submit screenshots, please email them to ";
 	echo "<a href='mailto:appdb at winehq.com'>appdb at winehq.com</a></p>\n";





More information about the wine-patches mailing list