ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove unessesary check if file has been uploaded as the function already does that

Browse Source
This commit is contained in:
johnnyq
2024-11-18 16:29:42 -05:00
parent 06314e136e
commit 34e09f32e0
8 changed files with 144 additions and 174 deletions
Download Patch File Download Diff File Expand all files Collapse all files
post/admin/admin_settings_company.php
+1 -3
View File
@@ -18,8 +18,7 @@ if (isset($_POST['edit_company'])) {
$row = mysqli_fetch_array($sql);
$existing_file_name = sanitizeInput($row['company_logo']);
// Check to see if a file is attached
if ($_FILES['file']['tmp_name'] != '') {
// Company logo
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'png'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -40,7 +39,6 @@ if (isset($_POST['edit_company'])) {
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
mysqli_query($mysqli,"UPDATE companies SET company_name = '$name', company_address = '$address', company_city = '$city', company_state = '$state', company_zip = '$zip', company_country = '$country', company_phone = '$phone', company_email = '$email', company_website = '$website' WHERE company_id = 1");
post/admin/admin_user.php
-4
View File
@@ -31,7 +31,6 @@ if (isset($_POST['add_user'])) {
// Check for and process image/photo
$extended_alert_description = '';
if ($_FILES['file']['tmp_name'] != '') {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -48,7 +47,6 @@ if (isset($_POST['add_user'])) {
$_SESSION['alert_type'] = "error";
$extended_alert_description = '. Error uploading photo. Check upload directory is writable/correct file type/size';
}
}
// Create Settings
mysqli_query($mysqli, "INSERT INTO user_settings SET user_id = $user_id, user_role = $role, user_config_force_mfa = $force_mfa");
@@ -134,7 +132,6 @@ if (isset($_POST['edit_user'])) {
// Check for and process image/photo
$extended_alert_description = '';
if ($_FILES['file']['tmp_name'] != '') {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -154,7 +151,6 @@ if (isset($_POST['edit_user'])) {
$_SESSION['alert_type'] = "error";
$extended_alert_description = '. Error uploading photo. Check upload directory is writable/correct file type/size';
}
}
mysqli_query($mysqli, "UPDATE users SET user_name = '$name', user_email = '$email' WHERE user_id = $user_id");
post/user/asset.php
+1 -5
View File
@@ -19,8 +19,7 @@ if (isset($_POST['add_asset'])) {
$asset_id = mysqli_insert_id($mysqli);
// Add Photo
if ($_FILES['file']['tmp_name'] != '') {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png'))) {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'png'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -34,7 +33,6 @@ if (isset($_POST['add_asset'])) {
mysqli_query($mysqli,"UPDATE assets SET asset_photo = '$new_file_name' WHERE asset_id = $asset_id");
}
}
// Add Primary Interface
mysqli_query($mysqli,"INSERT INTO asset_interfaces SET interface_name = 'Primary', interface_mac = '$mac', interface_ip = '$ip', interface_nat_ip = '$nat_ip', interface_ipv6 = '$ipv6', interface_port = 'eth0', interface_primary = 1, interface_network_id = $network, interface_asset_id = $asset_id");
@@ -94,7 +92,6 @@ if (isset($_POST['edit_asset'])) {
}
// Update Photo
if ($_FILES['file']['tmp_name'] != '') {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png'))) {
// Set directory in which the uploaded file will be moved
@@ -109,7 +106,6 @@ if (isset($_POST['edit_asset'])) {
mysqli_query($mysqli,"UPDATE assets SET asset_photo = '$new_file_name' WHERE asset_id = $asset_id");
}
}
//Logging
logAction("Asset", "Edit", "$session_name edited asset $name", $client_id, $asset_id);
post/user/contact.php
+1 -2
View File
@@ -46,7 +46,6 @@ if (isset($_POST['add_contact'])) {
}
// Check for and process image/photo
if ($_FILES['file']['tmp_name']) {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -60,7 +59,7 @@ if (isset($_POST['add_contact'])) {
move_uploaded_file($file_tmp_path, $dest_path);
mysqli_query($mysqli,"UPDATE contacts SET contact_photo = '$new_file_name' WHERE contact_id = $contact_id");
}
}
// Logging
post/user/expense.php
+1 -4
View File
@@ -14,7 +14,7 @@ if (isset($_POST['add_expense'])) {
// Check for and process attachment
$extended_alert_description = '';
if ($_FILES['file']['tmp_name'] != '') {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'pdf'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -30,7 +30,6 @@ if (isset($_POST['add_expense'])) {
$_SESSION['alert_type'] = "error";
$extended_alert_description = '. Error uploading file. Check upload directory is writable/correct file type/size';
}
}
//Logging
logAction("Expense", "Create", "$session_name created expense $description", $client, $expense_id);
@@ -55,7 +54,6 @@ if (isset($_POST['edit_expense'])) {
// Check for and process attachment
$extended_alert_description = '';
if ($_FILES['file']['tmp_name'] != '') {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png', 'pdf'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -74,7 +72,6 @@ if (isset($_POST['edit_expense'])) {
$_SESSION['alert_type'] = "error";
$extended_alert_description = '. Error uploading file. Check upload directory is writable/correct file type/size';
}
}
mysqli_query($mysqli,"UPDATE expenses SET expense_date = '$date', expense_amount = $amount, expense_account_id = $account, expense_vendor_id = $vendor, expense_client_id = $client, expense_category_id = $category, expense_description = '$description', expense_reference = '$reference' WHERE expense_id = $expense_id");
post/user/location.php
-7
View File
@@ -33,8 +33,6 @@ if(isset($_POST['add_location'])){
mysqli_query($mysqli,"UPDATE locations SET location_primary = 1 WHERE location_id = $location_id");
}
// Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -48,7 +46,6 @@ if(isset($_POST['add_location'])){
mysqli_query($mysqli,"UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id");
}
}
// Logging
logAction("Location", "Create", "$session_name created location $name", $client_id, $location_id);
@@ -98,9 +95,6 @@ if(isset($_POST['edit_location'])){
}
}
//Check to see if a file is attached
if($_FILES['file']['tmp_name'] != ''){
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -117,7 +111,6 @@ if(isset($_POST['edit_location'])){
mysqli_query($mysqli,"UPDATE locations SET location_photo = '$new_file_name' WHERE location_id = $location_id");
}
}
// Logging
logAction("Location", "Edit", "$session_name edited location $name", $client_id, $location_id);
post/user/profile.php
+1 -6
View File
@@ -48,8 +48,7 @@ if (isset($_POST['edit_your_user_details'])) {
$mail = addToMailQueue($mysqli, $data);
}
// Check to see if a file is attached
if ($_FILES['avatar']['tmp_name'] != '') {
// Photo
if ($new_file_name = checkFileUpload($_FILES['avatar'], array('jpg', 'jpeg', 'gif', 'png'))) {
$file_tmp_path = $_FILES['avatar']['tmp_name'];
@@ -68,10 +67,6 @@ if (isset($_POST['edit_your_user_details'])) {
// Extended Logging
$extended_log_description .= ", avatar updated";
} else {
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = 'There was an error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
}
}
mysqli_query($mysqli,"UPDATE users SET user_name = '$name', user_email = '$email' WHERE user_id = $session_user_id");
post/user/rack.php
-4
View File
@@ -24,7 +24,6 @@ if (isset($_POST['add_rack'])) {
$rack_id = mysqli_insert_id($mysqli);
// Add Photo
if ($_FILES['file']['tmp_name'] != '') {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -39,7 +38,6 @@ if (isset($_POST['add_rack'])) {
mysqli_query($mysqli,"UPDATE racks SET rack_photo = '$new_file_name' WHERE rack_id = $rack_id");
}
}
// Logging
logAction("Rack", "Create", "$session_name created rack $name", $client_id, $rack_id);
@@ -69,7 +67,6 @@ if (isset($_POST['edit_rack'])) {
mysqli_query($mysqli,"UPDATE racks SET rack_name = '$name', rack_description = '$description', rack_type = '$type', rack_model = '$model', rack_depth = '$depth', rack_units = $units, rack_location_id = $location, rack_physical_location = '$physical_location', rack_notes = '$notes' WHERE rack_id = $rack_id");
// Add Photo
if ($_FILES['file']['tmp_name'] != '') {
if ($new_file_name = checkFileUpload($_FILES['file'], array('jpg', 'jpeg', 'gif', 'png'))) {
$file_tmp_path = $_FILES['file']['tmp_name'];
@@ -84,7 +81,6 @@ if (isset($_POST['edit_rack'])) {
mysqli_query($mysqli,"UPDATE racks SET rack_photo = '$new_file_name' WHERE rack_id = $rack_id");
}
}
// Logging
logAction("Rack", "Edit", "$session_name edited rack $name", $client_id, $rack_id);