[Mapbender-commits] r8563 - trunk/mapbender/http/php
svn_mapbender at osgeo.org
svn_mapbender at osgeo.org
Mon Feb 18 11:33:04 PST 2013
Author: armin11
Date: 2013-02-18 11:33:04 -0800 (Mon, 18 Feb 2013)
New Revision: 8563
Modified:
trunk/mapbender/http/php/mb_validateSession.php
trunk/mapbender/http/php/mod_callMetadata.php
trunk/mapbender/http/php/mod_dataISOMetadata.php
trunk/mapbender/http/php/mod_interfaceWms4Kml.php
trunk/mapbender/http/php/mod_layerISOMetadata.php
trunk/mapbender/http/php/mod_showMetadata.php
trunk/mapbender/http/php/mod_wmc2ol.php
Log:
Security fix for XSS.
Modified: trunk/mapbender/http/php/mb_validateSession.php
===================================================================
--- trunk/mapbender/http/php/mb_validateSession.php 2013-02-18 14:11:44 UTC (rev 8562)
+++ trunk/mapbender/http/php/mb_validateSession.php 2013-02-18 19:33:04 UTC (rev 8563)
@@ -71,7 +71,8 @@
//validate to de, en, fr, ... give a whitelist
$testMatch = $_REQUEST["lang"];
if (!($testMatch == 'de' or $testMatch == 'en' or $testMatch == 'fr')){
- echo 'lang: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'lang: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>lang</b> is not valid (de,fr,en).<br/>';
die();
}
$lang = $testMatch;
Modified: trunk/mapbender/http/php/mod_callMetadata.php
===================================================================
--- trunk/mapbender/http/php/mod_callMetadata.php 2013-02-18 14:11:44 UTC (rev 8562)
+++ trunk/mapbender/http/php/mod_callMetadata.php 2013-02-18 19:33:04 UTC (rev 8563)
@@ -77,8 +77,9 @@
//validate to csv integer list
$testMatch = $_REQUEST["searchText"];
$pattern = '/(\%27)|(\')|(\-\-)|(\")|(\%22)/';
- if (preg_match($pattern,$testMatch)){
- echo 'searchText: <b>'.$testMatch.'</b> is not valid.<br/>';
+ if (preg_match($pattern,$testMatch)){
+ //echo 'searchText: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>searchText</b> is not valid.<br/>';
die();
}
$searchText = $testMatch;
@@ -92,7 +93,8 @@
$testMatch = $_REQUEST["registratingDepartments"];
$pattern = '/^[\d,]*$/';
if (!preg_match($pattern,$testMatch)){
- echo 'registratingDepartments: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'registratingDepartments: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>registratingDepartments</b> is not valid (integer or cs integer list).<br/>';
die();
}
$registratingDepartments = $testMatch;
@@ -103,7 +105,8 @@
$testMatch = $_REQUEST["resourceIds"];
$pattern = '/^[\d,]*$/';
if (!preg_match($pattern,$testMatch)){
- echo 'resourceIds: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'resourceIds: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>resourceIds</b> is not valid (integer or cs integer list).<br/>';
die();
}
$resourceIds = $testMatch;
@@ -114,7 +117,8 @@
$testMatch = $_REQUEST["isoCategories"];
$pattern = '/^[\d,]*$/';
if (!preg_match($pattern,$testMatch)){
- echo 'isoCategories: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'isoCategories: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>isoCategories</b> is not valid (integer or cs integer list).<br/>';
die();
}
$isoCategories = $testMatch;
@@ -125,7 +129,8 @@
$testMatch = $_REQUEST["inspireThemes"];
$pattern = '/^[\d,]*$/';
if (!preg_match($pattern,$testMatch)){
- echo 'inspireThemes: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'inspireThemes: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>inspireThemes</b> is not valid (integer or cs integer list).<br/>';
die();
}
$inspireThemes = $testMatch;
@@ -136,8 +141,9 @@
//validate to csv integer list
$testMatch = $_REQUEST["customCategories"];
$pattern = '/^[\d,]*$/';
- if (!preg_match($pattern,$testMatch)){
- echo 'customCategories: <b>'.$testMatch.'</b> is not valid.<br/>';
+ if (!preg_match($pattern,$testMatch)){
+ //echo 'customCategories: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>customCategories</b> is not valid (integer or cs integer list).<br/>';
die();
}
$customCategories = $testMatch;
@@ -148,8 +154,9 @@
//validate to iso date format YYYY-MM-DD
$testMatch = $_REQUEST["timeBegin"];
$pattern = '/^(19|20)[0-9]{2}[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/';
- if (!preg_match($pattern,$testMatch)){
- echo 'timeBegin: <b>'.$testMatch.'</b> is not valid.<br/>';
+ if (!preg_match($pattern,$testMatch)){
+ //echo 'timeBegin: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>timeBegin</b> is not valid.<br/>';
die();
}
$timeBegin = $testMatch;
@@ -159,7 +166,8 @@
$testMatch = $_REQUEST["timeEnd"];
$pattern = '/^(19|20)[0-9]{2}[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/';
if (!preg_match($pattern,$testMatch)){
- echo 'timeEnd: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'timeEnd: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>timeEnd</b> is not valid.<br/>';
die();
}
$timeEnd = $testMatch;
@@ -170,7 +178,8 @@
$testMatch = $_REQUEST["regTimeBegin"];
$pattern = '/^(19|20)[0-9]{2}[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/';
if (!preg_match($pattern,$testMatch)){
- echo 'regTimeBegin: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'regTimeBegin: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>regTimeBegin</b> is not valid.<br/>';
die();
}
$regTimeBegin = $testMatch;
@@ -181,7 +190,8 @@
$testMatch = $_REQUEST["regTimeEnd"];
$pattern = '/^(19|20)[0-9]{2}[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/';
if (!preg_match($pattern,$testMatch)){
- echo 'regTimeEnd: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'regTimeEnd: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>regTimeEnd</b> is not valid.<br/>';
die();
}
$regTimeEnd = $testMatch;
@@ -193,7 +203,8 @@
//give max 99 entries - more will be to slow
$pattern = '/^([0-9]{0,1})([0-9]{1})$/';
if (!preg_match($pattern,$testMatch)){
- echo 'maxResults: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'maxResults: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>maxResults</b> is not valid (integer < 99).<br/>';
die();
}
$maxResults = $testMatch;
@@ -206,12 +217,12 @@
$pattern = '/^[-+]?([0-9]*\.[0-9]+|[0-9]+)*$/';
$testMatchArray = explode(',',$testMatch);
if (count($testMatchArray) != 4) {
- echo 'searchBbox: <b>'.$testMatch.'</b> has a wrong amount of entries.<br/>';
+ echo 'Parameter <b>searchBbox</b> has a wrong amount of entries.<br/>';
die();
}
for($i=0; $i<count($testMatchArray);$i++){
if (!preg_match($pattern,$testMatchArray[$i])){
- echo 'searchBbox: <b>'.$testMatchArray[$i].'</b> is not a valid coordinate value.<br/>';
+ echo 'Parameter <b>searchBbox</b> is not a valid coordinate value.<br/>';
die();
}
}
@@ -222,7 +233,8 @@
//validate to inside / outside - TODO implement other ones than intersects which is default
$testMatch = $_REQUEST["searchTypeBbox"];
if (!($testMatch == 'inside' or $testMatch == 'outside' or $testMatch == 'intersects')){
- echo 'searchTypeBbox: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'searchTypeBbox: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>searchTypeBbox</b> is not valid (inside,outside,intersects).<br/>';
die();
}
$searchTypeBbox = $testMatch; //TODO activate this
@@ -236,7 +248,8 @@
//validate to de, en, fr
$testMatch = $_REQUEST["languageCode"];
if (!($testMatch == 'de' or $testMatch == 'en' or $testMatch == 'fr')){
- echo 'languageCode: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'languageCode: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>languageCode</b> is not valid (de,fr,en).<br/>';
die();
}
$languageCode = $testMatch;
@@ -245,7 +258,8 @@
if (isset($_REQUEST["outputFormat"]) & $_REQUEST["outputFormat"] != "") {
$testMatch = $_REQUEST["outputFormat"];
if (!($testMatch == 'json' or $testMatch == 'georss')){
- echo 'outputFormat: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'outputFormat: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>outputFormat</b> is not valid (json,georss).<br/>';
die();
}
$outputFormat = $testMatch;
@@ -257,9 +271,10 @@
//look for whitelist in mapbender.conf
$HOSTNAME_WHITELIST_array = explode(",",HOSTNAME_WHITELIST);
if (!in_array($testMatch,$HOSTNAME_WHITELIST_array)) {
- echo "Requested hostname <b>".$testMatch."</b> not whitelist! Please control your mapbender.conf.";
+ //echo "Requested hostname <b>".$testMatch."</b> not whitelist! Please control your mapbender.conf.";
+ echo "Requested <b>hostName</b> not in whitelist! Please control your mapbender.conf.";
$e = new mb_notice("Whitelist: ".HOSTNAME_WHITELIST);
- $e = new mb_notice($testMatch." not found in whitelist!");
+ $e = new mb_notice("hostName not found in whitelist!");
die();
}
$hostName = $testMatch;
@@ -268,7 +283,8 @@
if (isset($_REQUEST["orderBy"]) & $_REQUEST["orderBy"] != "") {
$testMatch = $_REQUEST["orderBy"];
if (!($testMatch == 'rank' or $testMatch == 'title' or $testMatch == 'id' or $testMatch == 'date')){
- echo 'orderBy: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'orderBy: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>orderBy</b> is not valid (rank,title,id,date).<br/>';
die();
}
$orderBy = $testMatch;
@@ -282,13 +298,15 @@
#$pattern = '/^(19|20)[0-9]{2}[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/';
$countSR = count(explode(',',$testMatch));
if (!($countSR >= 1 && $countSR <= 4)){
- echo 'searchResources: <b>'.$testMatch.'</b> count of requested resources out of sync.<br/>';
+ //echo 'searchResources: <b>'.$testMatch.'</b> count of requested resources out of sync.<br/>';
+ echo 'Parameter <b>searchResources</b> count of requested resources out of sync.<br/>';
die();
} else {
$testArray = explode(',',$testMatch);
for($i=0; $i<count($testArray);$i++){
- if (!($testArray[$i] == 'wms' or $testArray[$i] == 'wfs' or $testArray[$i] == 'wmc' or $testArray[$i] == 'daData')) {
- echo 'searchResources: <b>'.$testMatch.'</b>at least one of them does not exists!<br/>';
+ if (!($testArray[$i] == 'wms' or $testArray[$i] == 'wfs' or $testArray[$i] == 'wmc' or $testArray[$i] == 'data')) {
+ //echo 'searchResources: <b>'.$testMatch.'</b>at least one of them does not exists!<br/>';
+ echo 'Parameter <b>searchResources</b>at least one of them does not exists! (wms,wfs,wmc,data)<br/>';
die();
}
}
@@ -302,11 +320,13 @@
$testMatch = $_REQUEST["searchPages"];
$pattern = '/^[-\d,]*$/';
if (!preg_match($pattern,$testMatch)){
- echo 'searchPages: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'searchPages: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>searchPages</b> is not valid (integer).<br/>';
die();
}
if (count(explode(',',$testMatch)) != count(explode(',',$searchResources))) {
- echo 'searchPages: <b>'.$testMatch.'</b> has a wrong amount of entries.<br/>';
+ //echo 'searchPages: <b>'.$testMatch.'</b> has a wrong amount of entries.<br/>';
+ echo 'Parameter <b>searchPages</b> has a wrong amount of entries.<br/>';
die();
}
$searchPages = $testMatch;
@@ -319,7 +339,8 @@
//validate to web,debug,file
$testMatch = $_REQUEST["resultTarget"];
if (!($testMatch == 'web' or $testMatch == 'debug' or $testMatch == 'file' or $testMatch == 'webclient')){
- echo 'resultTarget: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'resultTarget: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>resultTarget</b> is not valid (file,web,debug,webclient).<br/>';
die();
}
$resultTarget = $testMatch;
@@ -335,7 +356,8 @@
//give max 99 entries - more will be to slow
$pattern = '/^[0-9]*$/';
if (!preg_match($pattern,$testMatch)){
- echo 'userId: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'userId: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>userId</b> is not valid (integer).<br/>';
die();
}
$userId = $testMatch;
@@ -356,16 +378,6 @@
//TODO: if class is called directly
-
-
-
-
-
-
-
-
-
-
if ($resultTarget == 'debug') {
echo "<br>DEBUG: searchURL: ".$searchURL."<br>";
#echo "<br>DEBUG: languageCode: ".$languageCode."<br>";
Modified: trunk/mapbender/http/php/mod_dataISOMetadata.php
===================================================================
--- trunk/mapbender/http/php/mod_dataISOMetadata.php 2013-02-18 14:11:44 UTC (rev 8562)
+++ trunk/mapbender/http/php/mod_dataISOMetadata.php 2013-02-18 19:33:04 UTC (rev 8563)
@@ -50,7 +50,8 @@
$uuid = new Uuid($testMatch);
$isUuid = $uuid->isValid();
if (!$isUuid) {
- echo 'Id: <b>'.$testMatch.'</b> is not a valid mapbender uuid.<br/>';
+ //echo 'Id: <b>'.$testMatch.'</b> is not a valid mapbender uuid.<br/>';
+ echo 'Id is not a valid mapbender uuid.<br/>';
die();
}
$recordId = $testMatch;
@@ -64,14 +65,15 @@
$iso19139Doc->preserveWhiteSpace = false;
$iso19139Doc->formatOutput = true;
} else {
- echo 'outputFormat: <b>'.$_REQUEST['OUTPUTFORMAT'].'</b> is not set or valid.<br/>';
+ //echo 'outputFormat: <b>'.$_REQUEST['OUTPUTFORMAT'].'</b> is not set or valid.<br/>';
+ echo 'Parameter outputFormat is not set or valid (iso19139).<br/>';
die();
}
//if validation is requested
//
if (isset($_REQUEST['VALIDATE']) and $_REQUEST['VALIDATE'] != "true") {
- //
- echo 'validate: <b>'.$_REQUEST['VALIDATE'].'</b> is not valid.<br/>';
+ //echo 'validate: <b>'.$_REQUEST['VALIDATE'].'</b> is not valid (true).<br/>';
+ echo 'Parameter validate is not valid (true).<br/>';
die();
}
//get record from mb_metadata and prohibit duplicates:
Modified: trunk/mapbender/http/php/mod_interfaceWms4Kml.php
===================================================================
--- trunk/mapbender/http/php/mod_interfaceWms4Kml.php 2013-02-18 14:11:44 UTC (rev 8562)
+++ trunk/mapbender/http/php/mod_interfaceWms4Kml.php 2013-02-18 19:33:04 UTC (rev 8563)
@@ -21,7 +21,8 @@
$testMatch = $_REQUEST["id"];
$pattern = '/^[\d,]*$/';
if (!preg_match($pattern,$testMatch)){
- echo 'id: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'id: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter id is not valid (integer oder cs integer list).<br/>';
die();
}
$layerId = $testMatch;
Modified: trunk/mapbender/http/php/mod_layerISOMetadata.php
===================================================================
--- trunk/mapbender/http/php/mod_layerISOMetadata.php 2013-02-18 14:11:44 UTC (rev 8562)
+++ trunk/mapbender/http/php/mod_layerISOMetadata.php 2013-02-18 19:33:04 UTC (rev 8563)
@@ -42,8 +42,9 @@
//validate integer
$testMatch = $_REQUEST["ID"];
$pattern = '/^[\d]*$/';
- if (!preg_match($pattern,$testMatch)){
- echo 'Id: <b>'.$testMatch.'</b> is not valid.<br/>';
+ if (!preg_match($pattern,$testMatch)){
+ // echo 'Id: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Id is not valid (integer).<br/>';
die();
}
$recordId = $testMatch;
@@ -55,14 +56,15 @@
$iso19139Doc = new DOMDocument('1.0');
$iso19139Doc->encoding = 'UTF-8';
} else {
- echo 'outputFormat: <b>'.$_REQUEST['OUTPUTFORMAT'].'</b> is not set or valid.<br/>';
+ //echo 'outputFormat: <b>'.$_REQUEST['OUTPUTFORMAT'].'</b> is not set or valid.<br/>';
+ echo 'Parameter <b>outputFormat</b> is not set or valid (iso19139).<br/>';
die();
}
//if validation is requested
//
if (isset($_REQUEST['VALIDATE']) and $_REQUEST['VALIDATE'] != "true") {
- //
- echo 'validate: <b>'.$_REQUEST['VALIDATE'].'</b> is not valid.<br/>';
+ //echo 'validate: <b>'.$_REQUEST['VALIDATE'].'</b> is not valid.<br/>';
+ echo 'Parameter <b>validate</b> is not valid (true).<br/>';
die();
}
//some needfull functions to pull metadata out of the database!
Modified: trunk/mapbender/http/php/mod_showMetadata.php
===================================================================
--- trunk/mapbender/http/php/mod_showMetadata.php 2013-02-18 14:11:44 UTC (rev 8562)
+++ trunk/mapbender/http/php/mod_showMetadata.php 2013-02-18 19:33:04 UTC (rev 8563)
@@ -51,7 +51,8 @@
//validate to csv integer list
$testMatch = $_REQUEST["resource"];
if (!($testMatch == 'wms' or $testMatch == 'layer' or $testMatch == 'wfs' or $testMatch == 'featuretype' or $testMatch == 'wfs-conf' or $testMatch == 'wmc')){
- echo 'resource: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'resource: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>resource</b> is not valid (wms,layer,wfs,featuretype,wfs-conf,wmc)<br/>';
die();
}
$resource = $testMatch;
@@ -62,7 +63,8 @@
$testMatch = $_REQUEST["id"];
$pattern = '/^[\d,]*$/';
if (!preg_match($pattern,$testMatch)){
- echo 'id: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'id: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>id</b> is not valid (integer or cs integer list).<br/>';
die();
}
$id = $testMatch;
@@ -72,7 +74,8 @@
//validate to csv integer list
$testMatch = $_REQUEST["outputFormat"];
if (!($testMatch == 'iso19139' or $testMatch == 'html' or $testMatch == 'georss')){
- echo 'outputFormat: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'outputFormat: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>outputFormat</b> is not valid (iso19139,html,georss).<br/>';
die();
}
$outputFormat = $testMatch;
@@ -82,7 +85,8 @@
//validate to csv integer list
$testMatch = $_REQUEST["languageCode"];
if (!($testMatch == 'de' or $testMatch == 'fr' or $testMatch == 'en')){
- echo 'languageCode: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'languageCode: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>languageCode</b> is not valid (de,fr,en).<br/>';
die();
}
$languageCode = $testMatch;
@@ -92,7 +96,8 @@
//validate to csv integer list
$testMatch = $_REQUEST["layout"];
if (!($testMatch == 'tabs' or $testMatch == 'accordion' or $testMatch == 'plain')){
- echo 'layout: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'layout: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>layout</b> is not valid (tabs,accordion,plain).<br/>';
die();
}
$layout = $testMatch;
@@ -103,7 +108,8 @@
//validate to csv integer list
$testMatch = $_REQUEST["subscribe"];
if (!($testMatch == '1' or $testMatch == '0')){
- echo 'layout: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'layout: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>subscribe</b> is not valid (0,1).<br/>';
die();
}
$subscribe = $testMatch;
Modified: trunk/mapbender/http/php/mod_wmc2ol.php
===================================================================
--- trunk/mapbender/http/php/mod_wmc2ol.php 2013-02-18 14:11:44 UTC (rev 8562)
+++ trunk/mapbender/http/php/mod_wmc2ol.php 2013-02-18 19:33:04 UTC (rev 8563)
@@ -44,7 +44,8 @@
$testMatch = $_REQUEST["wmc_id"];
$pattern = '/^[0-9_]*$/';
if (!preg_match($pattern,$testMatch)){
- echo 'wmc_id: <b>'.$testMatch.'</b> is not valid.<br/>';
+ //echo 'wmc_id: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>wmc_id</b> is not valid (integer_integer or integer).<br/>';
die();
}
$wmc_id = $testMatch;
@@ -63,8 +64,9 @@
//validate to csv integer list
$testMatch = $_REQUEST["pointRadius"];
$pattern = '/^[0-9]{2}|^[1-9]{1}$/';
- if (!preg_match($pattern,$testMatch)){
- echo 'pointRadius: <b>'.$testMatch.'</b> is not valid.<br/>';
+ if (!preg_match($pattern,$testMatch)){
+ //echo 'pointRadius: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>pointRadius</b> is not valid (integer).<br/>';
die();
}
$pointRadius = $testMatch;
@@ -76,8 +78,9 @@
//validate to csv integer list
$testMatch = $_REQUEST["fillColor"];
$pattern = '/^#[0-9a-f]{3}|#[0-9a-f]{6}$/';
- if (!preg_match($pattern,$testMatch)){
- echo 'fillColor: <b>'.$testMatch.'</b> is not valid.<br/>';
+ if (!preg_match($pattern,$testMatch)){
+ //echo 'fillColor: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter <b>fillColor<b> is not valid (html color code).<br/>';
die();
}
$fillColor = $testMatch;
@@ -88,8 +91,9 @@
//validate to csv integer list
$testMatch = $_REQUEST["markerUrl"];
$pattern = '/^[\d,]*$/';
- if (!preg_match($pattern,$testMatch)){
- echo 'markerUrl: <b>'.$testMatch.'</b> is not valid.<br/>';
+ if (!preg_match($pattern,$testMatch)){
+ //echo 'markerUrl: <b>'.$testMatch.'</b> is not valid.<br/>';
+ echo 'Parameter </b>markerUrl</b> is not valid.<br/>';
die();
}
$fillColor = $testMatch;
More information about the Mapbender_commits
mailing list