From 2a2c423d9c5a93c1ba3fc26e12bcd5e4865feff0 Mon Sep 17 00:00:00 2001 From: Jonathan Ernst Date: Fri, 7 Jul 2006 16:18:07 +0000 Subject: [PATCH] Enable filtering in account.php --- account.php | 29 ++++++----------------------- 1 file changed, 6 insertions(+), 23 deletions(-) diff --git a/account.php b/account.php index bdc0de1..7a6993a 100644 --- a/account.php +++ b/account.php @@ -20,20 +20,14 @@ // application environment include("path.php"); require(BASE."include/incl.php"); +require(BASE."include/filter.php"); require(BASE."include/mail.php"); // set http header to not cache header("Pragma: no-cache"); header("Cache-control: no-cache"); -$aClean = array(); //array of filtered user input - -// check command and process -if(!empty($_POST['sCmd'])) - $aClean['sCmd'] = makeSafe( $_POST['sCmd'] ); -else - $aClean['sCmd'] = makeSafe( $_GET['sCmd'] ); - +// process command do_account($aClean['sCmd']); @@ -95,13 +89,7 @@ function retry($sCmd, $sMsg) */ function cmd_do_new() { - $aClean = array(); //array of filtered user input - - $aClean['sUserEmail'] = makeSafe($_POST['sUserEmail']); - $aClean['sUserPassword'] = makeSafe($_POST['sUserPassword']); - $aClean['sUserPassword2'] = makeSafe($_POST['sUserPassword2']); - $aClean['sWineRelease'] = makeSafe($_POST['sWineRelease']); - $aClean['sUserRealname']= makeSafe($_POST['sUserRealname']); + global $aClean; if(!ereg("^.+@.+\\..+$", $aClean['sUserEmail'])) { @@ -159,10 +147,8 @@ function cmd_do_new() */ function cmd_send_passwd() { - $aClean = array(); //array of filtered user input - - $aClean['sUserEmail'] = makeSafe($_POST['sUserEmail']); - + global $aClean; + /* if the user didn't enter any email address we should */ /* ask them to */ if($aClean['sUserEmail'] == "") @@ -217,10 +203,7 @@ function cmd_send_passwd() */ function cmd_do_login() { - $aClean = array(); //array of filtered user input - - $aClean['sUserEmail'] = makeSafe($_POST['sUserEmail']); - $aClean['sUserPassword'] = makeSafe($_POST['sUserPassword']); + global $aClean; $oUser = new User(); $iResult = $oUser->login($aClean['sUserEmail'], $aClean['sUserPassword']);