only process form values when the form has been submitted, re #1765

Merge request studip/studip!1157

only process form values when the form has been submitted, re #1765
c185ff77 · Elmar Ludwig · Jan-Hendrik Willms · 39a93615 · c185ff77
Commit c185ff77 authored 2 years ago by Elmar Ludwig Committed by Jan-Hendrik Willms 2 years ago
--- a/app/controllers/admin/user.php
+++ b/app/controllers/admin/user.php
@@ -60,25 +60,6 @@ class Admin_UserController extends AuthenticatedController
        $this->perm = $perm;
        $request    = '';
-        //Daten annehmen
-        if (Request::submitted('reset')) {
-            unset($_SESSION['admin']['user']);
-        } elseif (Request::submitted('search')) {
-            $request = $_SESSION['admin']['user'] = iterator_to_array(Request::getInstance());
-        }
-        //Suchparameter und Ergebnisse vorhanden
-        if (isset($_SESSION['admin']['user']) && $_SESSION['admin']['user']['results']) {
-            $request = $_SESSION['admin']['user'];
-        }
-        if (!empty($request)) {
-            // Inaktivität für die suche anpassen
-            $inaktiv = [$request['inaktiv'], $request['inaktiv_tage']];
-            if (empty($request['inaktiv_tage']) && $request['inaktiv'] != 'nie') {
-                $inaktiv = null;
-            }
-        }
        //Datafields
        $this->datafields = [];
@@ -94,17 +75,46 @@ class Admin_UserController extends AuthenticatedController
            return !$role->systemtype;
        });
-        //wenn suche durchgeführt
+        //Daten annehmen
-        if (!empty($request)) {
+        if (Request::submitted('reset')) {
+            unset($_SESSION['admin']['user']);
+        } elseif (Request::submitted('search')) {
+            $request = iterator_to_array(Request::getInstance());
+            // Inaktivität für die suche anpassen
+            $inaktiv = [$request['inaktiv'], $request['inaktiv_tage']];
+            if (empty($request['inaktiv_tage']) && $request['inaktiv'] != 'nie') {
+                $inaktiv = null;
+            }
            //suche mit datafields
+            $search_datafields = [];
            foreach ($this->datafields as $datafield) {
                if (mb_strlen($request[$datafield->id]) > 0
                    && !(in_array($datafield->type, words('selectbox radio')) && $request[$datafield->id] === '---ignore---')
                ) {
-                    $search_datafields[$datafield->id] = $request[$datafield->id];
+                    $search_datafields[$datafield->id] = trim($request[$datafield->id]);
                }
            }
+            $request['username']   = trim($request['username']);
+            $request['email']      = trim($request['email']);
+            $request['vorname']    = trim($request['vorname']);
+            $request['nachname']   = trim($request['nachname']);
+            $request['inaktiv']    = $inaktiv;
+            $request['datafields'] = $search_datafields;
+            $_SESSION['admin']['user'] = $request;
+        } elseif (!empty($_SESSION['admin']['user']['results'])) {
+            //Suchparameter und Ergebnisse vorhanden
+            $request = $_SESSION['admin']['user'];
+        }
+        $this->request = [];
+        $this->users = [];
+        //wenn suche durchgeführt
+        if (!empty($request)) {
            //Suchparameter
            $this->sortby = Request::option('sortby', 'username');
            $this->order  = Request::option('order', 'asc');
@@ -112,14 +122,6 @@ class Admin_UserController extends AuthenticatedController
                $this->order = $this->order == 'desc' ? 'asc' : 'desc';
            }
-            $request['username']   = $this->getStringValueFromRequest($request, 'username');
-            $request['email']      = $this->getStringValueFromRequest($request, 'email');
-            $request['vorname']    = $this->getStringValueFromRequest($request, 'vorname');
-            $request['nachname']   = $this->getStringValueFromRequest($request, 'nachname');
-            $request['inaktiv']    = $inaktiv;
-            $request['datafields'] = $search_datafields;
-            $request['sort']       = $this->sortby;
-            $request['order']      = $this->order;
            $empty_search          = $request['perm'] === 'alle';
            $values = [
@@ -215,15 +217,6 @@ class Admin_UserController extends AuthenticatedController
        }
    }
-    private function getStringValueFromRequest(array $request, string $key): ?string
-    {
-        if (!isset($request[$key])) {
-            return null;
-        }
-        return trim($request[$key]) ?: null;
-    }
    /**
     * Bulk action (delete users or send message to all)
     */