Fix - example: Defensive programming in the SSP class

- Check for parameters before using them
2024-12-01 13:24:10 +01:00 · 2015-09-14 14:18:59 +01:00 · 2015-09-14 14:18:59 +01:00 · 1d401e4b15
commit 1d401e4b15
parent b03863fae7
2 changed files with 18 additions and 12 deletions
--- a/.datatables-commit-sync
+++ b/.datatables-commit-sync
@ -1 +1 @@
-fb3c76a712a435875f29521b44e3d4405ca92662
+9317fabae2aa71fd32f0ef9a2c4b707bc55f7a68
--- a/examples/server_side/scripts/ssp.class.php
+++ b/examples/server_side/scripts/ssp.class.php
@ -179,17 +179,19 @@ class SSP {
 		}

 		// Individual column filtering
-		for ( $i=0, $ien=count($request['columns']) ; $i<$ien ; $i++ ) {
-			$requestColumn = $request['columns'][$i];
-			$columnIdx = array_search( $requestColumn['data'], $dtColumns );
-			$column = $columns[ $columnIdx ];
+		if ( isset( $request['columns'] ) ) {
+			for ( $i=0, $ien=count($request['columns']) ; $i<$ien ; $i++ ) {
+				$requestColumn = $request['columns'][$i];
+				$columnIdx = array_search( $requestColumn['data'], $dtColumns );
+				$column = $columns[ $columnIdx ];

-			$str = $requestColumn['search']['value'];
+				$str = $requestColumn['search']['value'];

-			if ( $requestColumn['searchable'] == 'true' &&
-			 $str != '' ) {
-				$binding = self::bind( $bindings, '%'.$str.'%', PDO::PARAM_STR );
-				$columnSearch[] = "`".$column['db']."` LIKE ".$binding;
+				if ( $requestColumn['searchable'] == 'true' &&
+				 $str != '' ) {
+					$binding = self::bind( $bindings, '%'.$str.'%', PDO::PARAM_STR );
+					$columnSearch[] = "`".$column['db']."` LIKE ".$binding;
+				}
 			}
 		}

@ -265,7 +267,9 @@ class SSP {
 		 * Output
 		 */
 		return array(
-			"draw"            => intval( $request['draw'] ),
+			"draw"            => isset ( $request['draw'] ) ?
+				intval( $request['draw'] ) :
+				0,
 			"recordsTotal"    => intval( $recordsTotal ),
 			"recordsFiltered" => intval( $recordsFiltered ),
 			"data"            => self::data_output( $columns, $data )
@ -353,7 +357,9 @@ class SSP {
 		 * Output
 		 */
 		return array(
-			"draw"            => intval( $request['draw'] ),
+			"draw"            => isset ( $request['draw'] ) ?
+				intval( $request['draw'] ) :
+				0,
 			"recordsTotal"    => intval( $recordsTotal ),
 			"recordsFiltered" => intval( $recordsFiltered ),
 			"data"            => self::data_output( $columns, $data )