Refactor: Use existing sanitizeSortColumn method with item_sort_columns helper

- Add item_sort_columns() helper function in tabular_helper.php
- Helper returns all sortable columns including dynamic attribute IDs
- Remove duplicate sanitizeSortColumnAttribute method from Items controller
- Remove unused ALLOWED_SORT_COLUMNS constant from Item model
- Reuses existing sanitizeSortColumn method from Secure_Controller
Ollama
2026-03-16 18:34:23 +00:00
committed by jekkos
parent 8ff7068e33
commit 1ffe142f83
3 changed files with 19 additions and 27 deletions


@@ -65,31 +65,6 @@ class Items extends Secure_Controller
$this->config = config(OSPOS::class)->settings;
}
/**
* Sanitize sort column allowing standard columns and attribute definition IDs
*
* @param string|null $field The requested sort field
* @param string $default The default sort field
* @param array $attribute_ids Allowed attribute definition IDs
* @return string The validated sort field
*/
private function sanitizeSortColumnAttribute(?string $field, string $default, array $attribute_ids): string
{
if ($field === null) {
return $default;
}
if (in_array($field, Item::ALLOWED_SORT_COLUMNS, true)) {
return $field;
}
if (ctype_digit($field) && in_array((int) $field, $attribute_ids, true)) {
return $field;
}
return $default;
}
/**
* @return string
*/
@@ -136,7 +111,7 @@ class Items extends Secure_Controller
$definition_names = $this->attribute->get_definitions_by_flags(Attribute::SHOW_IN_ITEMS);
$attribute_column_ids = array_keys($definition_names);
$sort = $this->sanitizeSortColumnAttribute($this->request->getGet('sort', FILTER_SANITIZE_FULL_SPECIAL_CHARS), 'item_id', $attribute_column_ids);
$sort = $this->sanitizeSortColumn(item_sort_columns(), $this->request->getGet('sort', FILTER_SANITIZE_FULL_SPECIAL_CHARS), 'items.item_id');
$order = $this->request->getGet('order', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$this->item_lib->set_item_location($this->request->getGet('stock_location'));
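Review bot: The new `$sort` line no longer shows the strict attribute-ID check that the removed method applied (`ctype_digit($field)` followed by `in_array((int) $field, $attribute_ids, true)`). The allow-list decision now sits entirely in `item_sort_columns()` and `sanitizeSortColumn()`, neither of which is visible in this file section. If the helper returns attribute IDs as integers, a strict comparison in `sanitizeSortColumn()` would reject every string from the query and silently fall back to the default, while a loose comparison would accept numeric-looking strings such as `1e0` or `01` as a sort column. Please confirm that the helper returns the IDs as strings and that the match is `in_array($field, $allowed, true)`, and add a test covering a valid attribute ID, an unknown ID and a numeric-looking non-ID. The default also changes from `'item_id'` to `'items.item_id'` without a mention in the description, and `$attribute_column_ids` is no longer used by this line; the enclosing method starts and ends outside the hunk, so both are worth checking against the rest of it.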