From 47d84faaa2e617154fccf87a855c2ba198b65815 Mon Sep 17 00:00:00 2001
From: Serghey Rodin <serghey.rodin@gmail.com>
Date: Wed, 21 Aug 2013 12:05:51 +0300
Subject: [PATCH] empty value validation

---
 web/add/cron/index.php | 104 ++++++++++++++++++++---------------------
 1 file changed, 51 insertions(+), 53 deletions(-)

diff --git a/web/add/cron/index.php b/web/add/cron/index.php
index b8790ebc0..96c5ecd8a 100644
--- a/web/add/cron/index.php
+++ b/web/add/cron/index.php
@@ -12,66 +12,64 @@ include($_SERVER['DOCUMENT_ROOT'].'/templates/header.html');
 // Panel
 top_panel($user,$TAB);
 
-// Are you admin?
-//if ($_SESSION['user'] == 'admin') {
-    if (!empty($_POST['ok'])) {
-        // Check input
-        if (!isset($_POST['v_min'])) $errors[] = __('minute');
-        if (!isset($_POST['v_hour'])) $errors[] = __('hour');
-        if (!isset($_POST['v_day'])) $errors[] = __('day');
-        if (!isset($_POST['v_month'])) $errors[] = __('month');
-        if (!isset($_POST['v_wday'])) $errors[] = __('day of week');
-        if (!isset($_POST['v_cmd'])) $errors[] = __('cmd');
+if (!empty($_POST['ok'])) {
+    // Check input
+    if ((!isset($_POST['v_min'])) && ($_POST['v_min'] != '')) $errors[] = __('minute');
+    if ((!isset($_POST['v_hour'])) && ($_POST['v_hour'] != '')) $errors[] = __('hour');
+    if ((!isset($_POST['v_day'])) && ($_POST['v_day'] != '')) $errors[] = __('day');
+    if ((!isset($_POST['v_month'])) && ($_POST['v_month'] != '')) $errors[] = __('month');
+    if ((!isset($_POST['v_wday'])) && ($_POST['v_wday'] != '')) $errors[] = __('day of week');
+    if ((!isset($_POST['v_cmd'])) && ($_POST['v_cmd'] != '')) $errors[] = __('cmd');
 
-        // Protect input
-        $v_min = escapeshellarg($_POST['v_min']);
-        $v_hour = escapeshellarg($_POST['v_hour']);
-        $v_day = escapeshellarg($_POST['v_day']);
-        $v_month = escapeshellarg($_POST['v_month']);
-        $v_wday = escapeshellarg($_POST['v_wday']);
-        $v_cmd = escapeshellarg($_POST['v_cmd']);
+    // Protect input
+    $v_min = escapeshellarg($_POST['v_min']);
+    $v_hour = escapeshellarg($_POST['v_hour']);
+    $v_day = escapeshellarg($_POST['v_day']);
+    $v_month = escapeshellarg($_POST['v_month']);
+    $v_wday = escapeshellarg($_POST['v_wday']);
+    $v_cmd = escapeshellarg($_POST['v_cmd']);
 
-        // Check for errors
-        if (!empty($errors[0])) {
-            foreach ($errors as $i => $error) {
-                if ( $i == 0 ) {
-                    $error_msg = $error;
-                } else {
-                    $error_msg = $error_msg.", ".$error;
-                }
-            }
-            $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
-        } else {
-            // Add Cron Job
-            exec (VESTA_CMD."v-add-cron-job ".$user." ".$v_min." ".$v_hour." ".$v_day." ".$v_month." ".$v_wday." ".$v_cmd, $output, $return_var);
-            $v_type = $_POST['v_type'];
-            $v_charset = $_POST['v_charset'];
-            if ($return_var != 0) {
-                $error = implode('<br>', $output);
-                if (empty($error)) $error = __('Error code:',$return_var);
-                $_SESSION['error_msg'] = $error;
-                unset($v_password);
-                unset($output);
+    // Check for errors
+    if (!empty($errors[0])) {
+        foreach ($errors as $i => $error) {
+            if ( $i == 0 ) {
+                $error_msg = $error;
             } else {
-                $_SESSION['ok_msg'] = __('CRON_CREATED_OK');
-                unset($v_min);
-                unset($v_hour);
-                unset($v_day);
-                unset($v_month);
-                unset($v_wday);
-                unset($v_cmd);
-                unset($output);
+                $error_msg = $error_msg.", ".$error;
             }
         }
+        $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
+    } else {
+        // Add Cron Job
+        exec (VESTA_CMD."v-add-cron-job ".$user." ".$v_min." ".$v_hour." ".$v_day." ".$v_month." ".$v_wday." ".$v_cmd, $output, $return_var);
+        $v_type = $_POST['v_type'];
+        $v_charset = $_POST['v_charset'];
+        if ($return_var != 0) {
+            $error = implode('<br>', $output);
+            if (empty($error)) $error = __('Error code:',$return_var);
+            $_SESSION['error_msg'] = $error;
+            unset($v_password);
+            unset($output);
+        } else {
+            $_SESSION['ok_msg'] = __('CRON_CREATED_OK');
+            unset($v_min);
+            unset($v_hour);
+            unset($v_day);
+            unset($v_month);
+            unset($v_wday);
+            unset($v_cmd);
+            unset($output);
+        }
     }
-    exec (VESTA_CMD."v-list-database-types 'json'", $output, $return_var);
-    $db_types = json_decode(implode('', $output), true);
-    unset($output);
+}
 
-    include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/add_cron.html');
-    unset($_SESSION['error_msg']);
-    unset($_SESSION['ok_msg']);
-//}
+exec (VESTA_CMD."v-list-database-types 'json'", $output, $return_var);
+$db_types = json_decode(implode('', $output), true);
+unset($output);
+
+include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/add_cron.html');
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
 
 // Footer
 include($_SERVER['DOCUMENT_ROOT'].'/templates/footer.html');