@wilt, I just found the following warning in my /logs folder; it's issued when the edit_orders script is initially entered (i.e. no $_POST parameters).
Code:
PHP Warning: Invalid argument supplied for foreach() in C:\xampp\htdocs\testsite\testadmin\includes\classes\AdminRequestSanitizer.php on line 511
Here's the current code, with line 511 highlighted:
Code:
private function filterMultiDimensional($parameterName, $parameterDefinition)
{
$requestPost = $_POST;
foreach ($requestPost[$parameterName] as $key => $value) {
$hacked = $requestPost[$parameterName][$key];
if (isset($parameterDefinition['params'][$parameterName])) {
unset($requestPost[$parameterName][$key]);
unset($_POST);
$_POST[$parameterName] = $key;
$type = $parameterDefinition['params'][$parameterName]['sanitizerType'];
$params = isset($parameterDefinition['params'][$parameterName]['params']) ? $parameterDefinition['params'][$parameterName]['params'] : null;
$newParameterDefinition = array('sanitizerType' => $type, 'params' => $params);
$this->runSpecificSanitizer($parameterName, $newParameterDefinition);
$newKey = $_POST[$parameterName];
$requestPost[$parameterName][$newKey] = $hacked;
}
foreach ($hacked as $pkey => $pvalue) {
if (isset($parameterDefinition['params'][$pkey])) {
unset($requestPost[$parameterName][$newKey][$pkey]);
unset($_POST);
$_POST[$pkey] = $pvalue;
$type = $parameterDefinition['params'][$pkey]['sanitizerType'];
$params = isset($parameterDefinition['params'][$pkey]['params']) ? $parameterDefinition['params'][$pkey]['params'] : null;
$newParameterDefinition = array('sanitizerType' => $type, 'params' => $params);
$this->runSpecificSanitizer($pkey, $newParameterDefinition);
$requestPost[$parameterName][$newKey][$pkey] = $_POST[$pkey];
}
}
}
$_POST = $requestPost;
}
It looks like you'd want to change that to
Code:
private function filterMultiDimensional($parameterName, $parameterDefinition)
{
$requestPost = $_POST;
if (isset ($requestPost[$parameterName])) {
foreach ($requestPost[$parameterName] as $key => $value) {
$hacked = $requestPost[$parameterName][$key];
if (isset($parameterDefinition['params'][$parameterName])) {
unset($requestPost[$parameterName][$key]);
unset($_POST);
$_POST[$parameterName] = $key;
$type = $parameterDefinition['params'][$parameterName]['sanitizerType'];
$params = isset($parameterDefinition['params'][$parameterName]['params']) ? $parameterDefinition['params'][$parameterName]['params'] : null;
$newParameterDefinition = array('sanitizerType' => $type, 'params' => $params);
$this->runSpecificSanitizer($parameterName, $newParameterDefinition);
$newKey = $_POST[$parameterName];
$requestPost[$parameterName][$newKey] = $hacked;
}
foreach ($hacked as $pkey => $pvalue) {
if (isset($parameterDefinition['params'][$pkey])) {
unset($requestPost[$parameterName][$newKey][$pkey]);
unset($_POST);
$_POST[$pkey] = $pvalue;
$type = $parameterDefinition['params'][$pkey]['sanitizerType'];
$params = isset($parameterDefinition['params'][$pkey]['params']) ? $parameterDefinition['params'][$pkey]['params'] : null;
$newParameterDefinition = array('sanitizerType' => $type, 'params' => $params);
$this->runSpecificSanitizer($pkey, $newParameterDefinition);
$requestPost[$parameterName][$newKey][$pkey] = $_POST[$pkey];
}
}
}
}
$_POST = $requestPost;
}
Bookmarks