Add $key to chkValue() and chkValueEx() for debug

Author: moodeaudio

www/apl-config.php

@@ -13,7 +13,7 @@
 
 if (isset($_POST['save']) && $_POST['save'] == '1') {
 	foreach ($_POST['config'] as $key => $value) {
-		chkValue($value);
+		chkValue($key, $value);
 		sqlUpdate('cfg_airplay', $dbh, $key, $value);
 
 		if ($value != 'deprecated') {

www/command/cfg-table.php

@@ -12,7 +12,7 @@
 
 chkVariables($_GET);
 chkVariables($_POST, array('library_flatlist_filter_str'));
-chkValueEx($_POST['library_flatlist_filter_str']);
+chkValueEx('library_flatlist_filter_str', $_POST['library_flatlist_filter_str']);
 
 switch ($_GET['cmd']) {
 	case 'get_cfg_tables':

www/command/index.php

@@ -17,7 +17,7 @@
 	exit(1);
 }
 
-chkValue($_GET['cmd']);
+chkValue('cmd', $_GET['cmd']);
 
 // DEBUG:
 //workerLog('index.php: cmd=' . $_GET['cmd']);
@@ -124,7 +124,7 @@ function getArgs($cmd) {
 	$argCount = count($cmd);
 	if ($argCount > 1) {
 		for ($i = 0; $i < $argCount; $i++) {
-			chkValue($cmd[$i + 1]);
+			chkValue('cmd', $cmd[$i + 1]);
 			$args .= ' ' . $cmd[$i + 1];
 		}
 	} else {

www/dez-config.php

@@ -14,7 +14,7 @@
 if (isset($_POST['save']) && $_POST['save'] == '1') {
 	foreach ($_POST['config'] as $key => $value) {
 		if ($key != 'password') {
-			chkValue($value);
+			chkValue($key, $value);
 		}
 		sqlUpdate('cfg_deezer', $dbh, $key, $value);
 	}

www/inc/common.php

@@ -83,21 +83,21 @@ function chkVariables($variables, $excludedKeys = array()) {
 					if (is_array($value2)) {
 						foreach($value2 as $key3 => $value3) {
 							if (!in_array($key3, $excludedKeys)) {
-								chkValue($value3);
+								chkValue($key3, $value3);
 							} else {
 								debugLog('chkVariables(): Excluded key: ' . $key3);
 							}
 						}
 					} else {
 						if (!in_array($key2, $excludedKeys)) {
-							chkValue($value2);
+							chkValue($key2, $value2);
 						} else {
 							debugLog('chkVariables(): Excluded key: ' . $key2);
 						}
 					}
 				}
 			} else {
-				chkValue($value);
+				chkValue($key, $value);
 			}
 		} else {
 			debugLog('chkVariables(): Excluded key: ' . $key);
@@ -106,7 +106,7 @@ function chkVariables($variables, $excludedKeys = array()) {
 }
 
 // Check for unwanted characters and shell commands
-function chkValue($value) {
+function chkValue($key = 'nokey', $value) {
 	$valid = true;
 	$msg = '';
 
@@ -133,18 +133,18 @@ function chkValue($value) {
 	if ($valid === false) {
 		// Write log entry
 		workerLog('SECCHK: ' . $msg);
-		workerLog('SECCHK: ' . $value);
+		workerLog('SECCHK: ' . $key . '|' . $value);
 		// Redirect to '400 Bad request' page and then exit
 		http_response_code(400);
 		header('Location: /response400.html');
 		exit(1);
 	} else {
-		//debugLog('chkValue(): ' . (empty($value) ? 'Value is blank' : $value));
+		//debugLog('chkValue(): ' . $key . '|' . (empty($value) ? 'Value is blank' : $value));
 	}
 }
 // Same as chkValue() except pipe | is excluded
 // For: library_flatlist_filter_str, ashuffle_filter
-function chkValueEx($value) {
+function chkValueEx($key = 'nokey', $value) {
 	$valid = true;
 	$msg = '';
 
@@ -171,13 +171,13 @@ function chkValueEx($value) {
 	if ($valid === false) {
 		// Write log entry
 		workerLog('SECCHK: ' . $msg);
-		workerLog('SECCHK: ' . $value);
+		workerLog('SECCHK: ' . $key . '|' . $value);
 		// Redirect to '400 Bad request' page and then exit
 		http_response_code(400);
 		header('Location: /response400.html');
 		exit(1);
 	} else {
-		//debugLog('chkValueEx(): ' . (empty($value) ? 'Value is blank' : $value));
+		//debugLog('chkValueEx(): ' . $key . '|' .  (empty($value) ? 'Value is blank' : $value));
 	}
 }
 
@@ -656,7 +656,7 @@ function updBootConfigTxt($action, $value) {
 				if ($result == '0') {
 					sysCmd('sed -i s/^dtparam=fan_temp0.*/dtparam=' . $value . '/ ' . BOOT_CONFIG_TXT);
 				} else {
-					sysCmd('sed -i s/^#dtparam=fan_temp0.*/dtparam=' . $value . '/ ' . BOOT_CONFIG_TXT);					
+					sysCmd('sed -i s/^#dtparam=fan_temp0.*/dtparam=' . $value . '/ ' . BOOT_CONFIG_TXT);
 				}
 			}
 			break;

www/players.php

@@ -10,7 +10,7 @@
 require_once __DIR__ . '/inc/sql.php';
 
 if (isset($_GET['cmd']) && !empty($_GET['cmd'])) {
-	chkValue($_GET['cmd']);
+	chkValue('cmd', $_GET['cmd']);
 	if (!isset($_POST['ipaddr'])) {
 		workerLog('players.php: No destination IP addresses for command ' . $_GET['cmd']);
 	} else {

www/snd-config.php

@@ -19,8 +19,8 @@
 $deviceNames = getAlsaDeviceNames();
 
 chkVariables($_POST, array('ashuffle_filter', 'ashuffle_exclude'));
-chkValueEx($_POST['ashuffle_filter']);
-chkValueEx($_POST['ashuffle_exclude']);
+chkValueEx('ashuffle_filter', $_POST['ashuffle_filter']);
+chkValueEx('ashuffle_exclude', $_POST['ashuffle_exclude']);
 
 // AUDIO OUTPUT
 

www/spo-config.php

@@ -13,7 +13,7 @@
 
 if (isset($_POST['save']) && $_POST['save'] == '1') {
 	foreach ($_POST['config'] as $key => $value) {
-		chkValue($value);
+		chkValue($key, $value);
 		sqlUpdate('cfg_spotify', $dbh, $key, $value);
 	}
 	$notify = $_SESSION['spotifysvc'] == '1' ?

www/sqe-config.php

@@ -14,7 +14,7 @@
 
 if (isset($_POST['save']) && $_POST['save'] == '1') {
 	foreach ($_POST['config'] as $key => $value) {
-		chkValue($value);
+		chkValue($key, $value);
 		sqlUpdate('cfg_sl', $dbh, $key, SQLite3::escapeString($value));
 	}
 	$notify = $_SESSION['slsvc'] == '1' ?

www/upp-config.php

@@ -17,7 +17,7 @@
 
 	foreach ($_POST['config'] as $key => $value) {
 		if ($key != 'qobuzpass') {
-			chkValue($value);
+			chkValue($key, $value);
 		}
 		sqlUpdate('cfg_upnp', $dbh, $key, $value);
 		if ($value != '') {