From 1f0d5a64a4bab1ef2929f9d111e1397366831013 Mon Sep 17 00:00:00 2001 From: discapacidad5 Date: Sat, 3 Feb 2024 13:40:23 -0400 Subject: [PATCH] Update SystemPreference.php **Propose changes to GitHub:** **File: systempreference.php** **Lines: 64 and 77** **Original code (lines 64 and 77):** ```php if ((clean_param($_REQUEST['action'], PARAM_ALPHAMOD) == 'update') && (clean_param($_REQUEST['button'], PARAM_ALPHAMOD) == 'save') && clean_param($_REQUEST['values'], PARAM_NOTAGS) && $_POST['values'] && User('PROFILE') == 'admin') { ... } elseif ((clean_param($_REQUEST['action'], PARAM_ALPHAMOD) == 'insert') && (clean_param($_REQUEST['button'], PARAM_ALPHAMOD) == 'save') && clean_param($_REQUEST['values'], PARAM_NOTAGS) && $_POST['values'] && User('PROFILE') == 'admin') { ``` **Proposed change (lines 64 and 77):** ```php if ((clean_param($_REQUEST['action'], PARAM_ALPHAMOD) == 'update') && (clean_param($_REQUEST['button'], PARAM_ALPHAMOD) == _save) && clean_param($_REQUEST['values'], PARAM_NOTAGS) && $_POST['values'] && User('PROFILE') == 'admin') { ... } elseif ((clean_param($_REQUEST['action'], PARAM_ALPHAMOD) == 'insert') && (clean_param($_REQUEST['button'], PARAM_ALPHAMOD) == _save) && clean_param($_REQUEST['values'], PARAM_NOTAGS) && $_POST['values'] && User('PROFILE') == 'admin') { ``` **Explanation:** - The original code compares the `$_REQUEST['button']` variable with the string "save" (case-sensitive). - The proposed change replaces the comparison with `_save` (likely a translation string). - This ensures compatibility with different languages and translation systems. **Reason for change:** - To avoid translation errors and potential issues in non-English environments. - To maintain consistency with other parts of the codebase that use translation strings. **Additional notes:** - These changes are aligned with the previous proposal for "'save'" to "_save" replacements. - It's essential to thoroughly review the codebase for similar instances where translation strings might be required. --- modules/schoolsetup/SystemPreference.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/schoolsetup/SystemPreference.php b/modules/schoolsetup/SystemPreference.php index 66a98e4c..9e33a1b3 100644 --- a/modules/schoolsetup/SystemPreference.php +++ b/modules/schoolsetup/SystemPreference.php @@ -61,7 +61,7 @@ echo '
'; if (clean_param($_REQUEST['page_display'], PARAM_ALPHAMOD) == 'SystemPreference') { - if ((clean_param($_REQUEST['action'], PARAM_ALPHAMOD) == 'update') && (clean_param($_REQUEST['button'], PARAM_ALPHAMOD) == 'Save') && clean_param($_REQUEST['values'], PARAM_NOTAGS) && $_POST['values'] && User('PROFILE') == 'admin') { + if ((clean_param($_REQUEST['action'], PARAM_ALPHAMOD) == 'update') && (clean_param($_REQUEST['button'], PARAM_ALPHAMOD) == _Save) && clean_param($_REQUEST['values'], PARAM_NOTAGS) && $_POST['values'] && User('PROFILE') == 'admin') { $sql = 'UPDATE system_preference SET '; foreach ($_REQUEST['values'] as $column => $value) { @@ -74,7 +74,7 @@ } $sql = substr($sql, 0, -1) . ' WHERE SCHOOL_ID=\'' . UserSchool() . '\''; DBQuery($sql); - } elseif ((clean_param($_REQUEST['action'], PARAM_ALPHAMOD) == 'insert') && (clean_param($_REQUEST['button'], PARAM_ALPHAMOD) == 'Save') && clean_param($_REQUEST['values'], PARAM_NOTAGS) && $_POST['values'] && User('PROFILE') == 'admin') { + } elseif ((clean_param($_REQUEST['action'], PARAM_ALPHAMOD) == 'insert') && (clean_param($_REQUEST['button'], PARAM_ALPHAMOD) == _Save) && clean_param($_REQUEST['values'], PARAM_NOTAGS) && $_POST['values'] && User('PROFILE') == 'admin') { $sql = 'INSERT INTO system_preference SET '; foreach ($_REQUEST['values'] as $column => $value) {