diff --git a/application/classes/actions/ActionBlog.class.php b/application/classes/actions/ActionBlog.class.php
index 601639d4..cfbebf3c 100644
--- a/application/classes/actions/ActionBlog.class.php
+++ b/application/classes/actions/ActionBlog.class.php
@@ -1476,22 +1476,22 @@ class ActionBlog extends Action
 /**
 * Обрабатываем добавление по каждому из переданных логинов
 */
- foreach ($aUsers as $sUser) {
- $sUser = trim($sUser);
- if ($sUser == '') {
+ foreach ($aUsers as $iUserId) {
+ $iUserId = (int) $iUserId;
+
+ if (!$iUserId) {
 continue;
 }
+
 /**
 * Если пользователь не найден или неактивен,
 * возвращаем ошибку
 */
- if (!$oUser = $this->User_GetUserByLogin($sUser) or $oUser->getActivate() != 1) {
+ if (!$oUser = $this->User_GetUserById($iUserId) or $oUser->getActivate() != 1) {
 $aResult[] = array(
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
- 'sMsg' => $this->Lang_Get('user.notices.not_found',
- array('login' => htmlspecialchars($sUser))),
- 'user_login' => htmlspecialchars($sUser)
+ 'sMsg' => $this->Lang_Get('user.notices.not_found_by_id', array('id' => $iUserId))
 );
 continue;
 }
@@ -1525,9 +1525,9 @@ class ActionBlog extends Action
 'bStateError' => false,
 'sMsgTitle' => $this->Lang_Get('common.attention'),
 'sMsg' => $this->Lang_Get('blog.invite.notices.add',
- array('login' => htmlspecialchars($sUser))),
+ array('login' => $oUser->getLogin())),
 'user_id' => $oUser->getId(),
- 'user_login' => htmlspecialchars($sUser),
+ 'user_login' => $oUser->getLogin(),
 'html' => $oViewer->Fetch("component@blog.invite-item")
 );
 $this->SendBlogInvite($oBlog, $oUser);
@@ -1536,7 +1536,7 @@ class ActionBlog extends Action
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
 'sMsg' => $this->Lang_Get('common.error.system.base'),
- 'user_login' => htmlspecialchars($sUser)
+ 'user_login' => $oUser->getLogin()
 );
 }
 } else {
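Review bot: The `(int)` cast at the top of the loop in the `@@ -1476` hunk accepts more than a user id: a numeric prefix such as `12abc` is read as 12, and a non-empty nested array is not rejected but in practice casts to 1, so a malformed request can resolve to a real account. Where `$aUsers` comes from is outside the hunk, but if it is request data, reject anything that is not a plain positive integer before the lookup, e.g. `if (!is_scalar($iUserId) || !ctype_digit((string) $iUserId)) { continue; }` ahead of the cast. The same loop header is added in ActionStream (`@@ -274`), ActionTalk (`@@ -811`, `@@ -1083`) and ActionUserfeed (`@@ -179`). The context comment above each of these loops still says it processes logins and should be reworded to say user ids. The loop body continues past the end of the hunk.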
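Review bot: Output encoding is dropped in the `@@ -1525` hunk: `htmlspecialchars($sUser)` becomes a bare `$oUser->getLogin()` in both `sMsg` and `user_login`, so the response now depends on every stored login being HTML-safe. Neither the login validation rules nor how the client renders these fields is visible here, so keeping the encoding at the output boundary is the safer choice: `array('login' => htmlspecialchars($oUser->getLogin()))` and `'user_login' => htmlspecialchars($oUser->getLogin())`. The same replacement is made in `@@ -1536`, `@@ -1547` and `@@ -1564` of this file and throughout the ActionStream, ActionTalk and ActionUserfeed hunks. The enclosing array literal and method start outside the hunk.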
@@ -1547,15 +1547,15 @@ class ActionBlog extends Action
 switch (true) {
 case ($oBlogUser->getUserRole() == ModuleBlog::BLOG_USER_ROLE_INVITE):
 $sErrorMessage = $this->Lang_Get('blog.invite.notices.already_invited',
- array('login' => htmlspecialchars($sUser)));
+ array('login' => $oUser->getLogin()));
 break;
 case ($oBlogUser->getUserRole() > ModuleBlog::BLOG_USER_ROLE_GUEST):
 $sErrorMessage = $this->Lang_Get('blog.invite.notices.already_joined',
- array('login' => htmlspecialchars($sUser)));
+ array('login' => $oUser->getLogin()));
 break;
 case ($oBlogUser->getUserRole() == ModuleBlog::BLOG_USER_ROLE_REJECT):
 $sErrorMessage = $this->Lang_Get('blog.invite.notices.reject',
- array('login' => htmlspecialchars($sUser)));
+ array('login' => $oUser->getLogin()));
 break;
 default:
 $sErrorMessage = $this->Lang_Get('common.error.system.base');
@@ -1564,7 +1564,7 @@ class ActionBlog extends Action
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
 'sMsg' => $sErrorMessage,
- 'user_login' => htmlspecialchars($sUser)
+ 'user_login' => $oUser->getLogin()
 );
 continue;
 }
diff --git a/application/classes/actions/ActionStream.class.php b/application/classes/actions/ActionStream.class.php
index ae854bb2..0fdae4b5 100644
--- a/application/classes/actions/ActionStream.class.php
+++ b/application/classes/actions/ActionStream.class.php
@@ -274,15 +274,17 @@ class ActionStream extends Action
 /**
 * Обрабатываем добавление по каждому из переданных логинов
 */
- foreach ($aUsers as $sUser) {
- $sUser = trim($sUser);
- if ($sUser == '') {
+ foreach ($aUsers as $iUserId) {
+ $iUserId = (int) $iUserId;
+
+ if (!$iUserId) {
 continue;
 }
+
 /**
 * Если пользователь не найден или неактивен, возвращаем ошибку
 */
- if ($oUser = $this->User_GetUserById($sUser) and $oUser->getActivate() == 1) {
+ if ($oUser = $this->User_GetUserById($iUserId) and $oUser->getActivate() == 1) {
 $this->Stream_subscribeUser($this->oUserCurrent->getId(), $oUser->getId());
 $oViewer = $this->Viewer_GetLocalViewer();
 $oViewer->Assign('user', $oUser, true);
@@ -291,19 +293,16 @@ class ActionStream extends Action
 $aResult[] = array(
 'bStateError' => false,
 'sMsgTitle' => $this->Lang_Get('common.attention'),
- 'sMsg' => $this->Lang_Get('common.success.add',
- array('login' => htmlspecialchars($sUser))),
+ 'sMsg' => $this->Lang_Get('common.success.add', array('login' => $oUser->getLogin())),
 'user_id' => $oUser->getId(),
- 'user_login' => htmlspecialchars($sUser),
- 'html' => $oViewer->Fetch("component@user-list-add.item")
+ 'user_login' => $oUser->getLogin(),
+ 'html' => $oViewer->Fetch("component@user-list-add.item")
 );
 } else {
 $aResult[] = array(
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
- 'sMsg' => $this->Lang_Get('user.notices.not_found',
- array('login' => htmlspecialchars($sUser))),
- 'user_login' => htmlspecialchars($sUser)
+ 'sMsg' => $this->Lang_Get('user.notices.not_found_by_id', array('id' => $iUserId))
 );
 }
 }
diff --git a/application/classes/actions/ActionTalk.class.php b/application/classes/actions/ActionTalk.class.php
index 8c723b93..b41ab297 100644
--- a/application/classes/actions/ActionTalk.class.php
+++ b/application/classes/actions/ActionTalk.class.php
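Review bot: The not-found branch in the `@@ -291` hunk no longer returns any per-user key: `user_login` is removed and nothing replaces it, while the success branch still returns `user_id` and `user_login`. If the client matches error entries to the submitted items by that key (not visible here), it will now find nothing to match on; adding `'user_id' => $iUserId` to the error array would keep the two result shapes aligned. The same key is dropped from the not-found results in ActionBlog (`@@ -1476`), ActionTalk (`@@ -872`) and ActionUserfeed (`@@ -198`).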
@@ -811,16 +811,18 @@ class ActionTalk extends Action
 /**
 * Обрабатываем добавление по каждому из переданных логинов
 */
- foreach ($aUsers as $sUser) {
- $sUser = trim($sUser);
- if ($sUser == '') {
+ foreach ($aUsers as $iUserId) {
+ $iUserId = (int) $iUserId;
+
+ if (!$iUserId) {
 continue;
 }
+
 /**
 * Если пользователь пытается добавить в блеклист самого себя,
 * возвращаем ошибку
 */
- if ($sUser == $this->oUserCurrent->getId()) {
+ if ($iUserId == $this->oUserCurrent->getId()) {
 $aResult[] = array(
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
@@ -831,7 +833,7 @@ class ActionTalk extends Action
 /**
 * Если пользователь не найден или неактивен, возвращаем ошибку
 */
- if ($oUser = $this->User_GetUserById($sUser) and $oUser->getActivate() == 1) {
+ if ($oUser = $this->User_GetUserById($iUserId) and $oUser->getActivate() == 1) {
 if (!isset($aUserBlacklist[$oUser->getId()])) {
 if ($this->Talk_AddUserToBlackList($oUser->getId(), $this->oUserCurrent->getId())) {
 $oViewer = $this->Viewer_GetLocalViewer();
@@ -842,9 +844,9 @@ class ActionTalk extends Action
 'bStateError' => false,
 'sMsgTitle' => $this->Lang_Get('common.attention'),
 'sMsg' => $this->Lang_Get('common.success.add',
- array('login' => htmlspecialchars($sUser))),
+ array('login' => $oUser->getLogin())),
 'user_id' => $oUser->getId(),
- 'user_login' => htmlspecialchars($sUser),
+ 'user_login' => $oUser->getLogin(),
 'html' => $oViewer->Fetch("component@user-list-add.item")
 );
 } else {
@@ -852,7 +854,7 @@ class ActionTalk extends Action
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
 'sMsg' => $this->Lang_Get('common.error.system.base'),
- 'user_login' => htmlspecialchars($sUser)
+ 'user_login' => $oUser->getLogin()
 );
 }
 } else {
@@ -863,8 +865,8 @@ class ActionTalk extends Action
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
 'sMsg' => $this->Lang_Get('user_list_add.notices.error_already_added',
- array('login' => htmlspecialchars($sUser))),
- 'user_login' => htmlspecialchars($sUser)
+ array('login' => $oUser->getLogin())),
+ 'user_login' => $oUser->getLogin()
 );
 continue;
 }
@@ -872,9 +874,8 @@ class ActionTalk extends Action
 $aResult[] = array(
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
- 'sMsg' => $this->Lang_Get('user.notices.not_found',
- array('login' => htmlspecialchars($sUser))),
- 'user_login' => htmlspecialchars($sUser)
+ 'sMsg' => $this->Lang_Get('user.notices.not_found_by_id',
+ array('id' => $iUserId))
 );
 }
 }
@@ -1083,15 +1084,17 @@ class ActionTalk extends Action
 /**
 * Обрабатываем добавление по каждому переданному логину пользователя
 */
- foreach ($aUsers as $sUser) {
- $sUser = trim($sUser);
- if ($sUser == '') {
+ foreach ($aUsers as $iUserId) {
+ $iUserId = (int) $iUserId;
+
+ if (!$iUserId) {
 continue;
 }
+
 /**
 * Попытка добавить себя
 */
- if ($sUser == $this->oUserCurrent->getId()) {
+ if ($iUserId == $this->oUserCurrent->getId()) {
 $aResult[] = array(
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
@@ -1099,7 +1102,7 @@ class ActionTalk extends Action
 );
 continue;
 }
- if (($oUser = $this->User_GetUserById($sUser))
+ if (($oUser = $this->User_GetUserById($iUserId))
 && ($oUser->getActivate() == 1)
 ) {
 if (!in_array($oUser->getId(), $aUserInBlacklist)) {
@@ -1131,7 +1134,7 @@ class ActionTalk extends Action
 'bStateError' => false,
 'sMsgTitle' => $this->Lang_Get('common.attention'),
 'sMsg' => $this->Lang_Get('user_list_add.notices.success_add',
- array('login', htmlspecialchars($sUser))),
+ array('login', $oUser->getLogin())),
 'user_id' => $oUser->getId(),
 'user_login' => $oUser->getLogin(),
 'html' => $oViewer->Fetch("component@talk.participants-item")
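Review bot: The replacement array in the `@@ -1131` hunk is built with a comma, `array('login', $oUser->getLogin())`, which yields a two-element list instead of a `login` key, so the `login` placeholder of `user_list_add.notices.success_add` presumably never receives a value. Every other `Lang_Get` call in this diff passes `array('login' => ...)`; the line should read `array('login' => $oUser->getLogin())),`. The commit carries the comma over from the old line, and the same form is in the `@@ -1197` hunk. The surrounding array literal starts and ends outside the hunk.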
@@ -1153,7 +1156,7 @@ class ActionTalk extends Action
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
 'sMsg' => $this->Lang_Get('user_list_add.notices.error_already_added',
- array('login' => htmlspecialchars($sUser)))
+ array('login' => $oUser->getLogin()))
 );
 break;
 /**
@@ -1164,7 +1167,7 @@ class ActionTalk extends Action
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
 'sMsg' => $this->Lang_Get('talk.users.notices.deleted',
- array('login' => htmlspecialchars($sUser)))
+ array('login' => $oUser->getLogin()))
 );
 break;
@@ -1197,7 +1200,7 @@ class ActionTalk extends Action
 'bStateError' => false,
 'sMsgTitle' => $this->Lang_Get('common.attention'),
 'sMsg' => $this->Lang_Get('user_list_add.notices.success_add',
- array('login', htmlspecialchars($sUser))),
+ array('login', $oUser->getLogin())),
 'user_id' => $oUser->getId(),
 'html' => $oViewer->Fetch("component@talk.participants-item")
 );
@@ -1217,7 +1220,7 @@ class ActionTalk extends Action
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
 'sMsg' => $this->Lang_Get('talk.blacklist.notices.blocked',
- array('login' => htmlspecialchars($sUser)))
+ array('login' => $oUser->getLogin()))
 );
 }
 } else {
@@ -1227,8 +1230,8 @@ class ActionTalk extends Action
 $aResult[] = array(
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
- 'sMsg' => $this->Lang_Get('user.notices.not_found',
- array('login' => htmlspecialchars($sUser)))
+ 'sMsg' => $this->Lang_Get('user.notices.not_found_by_id',
+ array('id' => $iUserId))
 );
 }
 }
diff --git a/application/classes/actions/ActionUserfeed.class.php b/application/classes/actions/ActionUserfeed.class.php
index 188e9536..f241637a 100644
--- a/application/classes/actions/ActionUserfeed.class.php
+++ b/application/classes/actions/ActionUserfeed.class.php
@@ -179,15 +179,17 @@ class ActionUserfeed extends Action
 /**
 * Обрабатываем добавление по каждому из переданных логинов
 */
- foreach ($aUsers as $sUser) {
- $sUser = trim($sUser);
- if ($sUser == '') {
+ foreach ($aUsers as $iUserId) {
+ $iUserId = (int) $iUserId;
+
+ if (!$iUserId) {
 continue;
 }
+
 /**
 * Если пользователь не найден или неактивен, возвращаем ошибку
 */
- if ($oUser = $this->User_GetUserById($sUser) and $oUser->getActivate() == 1) {
+ if ($oUser = $this->User_GetUserById($iUserId) and $oUser->getActivate() == 1) {
 $this->Userfeed_subscribeUser($this->oUserCurrent->getId(),
 ModuleUserfeed::SUBSCRIBE_TYPE_USER,
 $oUser->getId());
@@ -198,19 +200,16 @@ class ActionUserfeed extends Action
 $aResult[] = array(
 'bStateError' => false,
 'sMsgTitle' => $this->Lang_Get('common.attention'),
- 'sMsg' => $this->Lang_Get('common.success.add',
- array('login' => htmlspecialchars($sUser))),
+ 'sMsg' => $this->Lang_Get('common.success.add', array('login' => $oUser->getLogin())),
 'user_id' => $oUser->getId(),
- 'user_login' => htmlspecialchars($sUser),
+ 'user_login' => $oUser->getLogin(),
 'html' => $oViewer->Fetch("component@user-list-add.item")
 );
 } else {
 $aResult[] = array(
 'bStateError' => true,
 'sMsgTitle' => $this->Lang_Get('common.error.error'),
- 'sMsg' => $this->Lang_Get('user.notices.not_found',
- array('login' => htmlspecialchars($sUser))),
- 'user_login' => htmlspecialchars($sUser)
+ 'sMsg' => $this->Lang_Get('user.notices.not_found_by_id', array('id' => $iUserId))
 );
 }
 }