From 2e8b3aa3e64051caca672f861870897c75b45bee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexander=20Nicolaysen=20S=C3=B8rnes?=
 <alex@thehandofagony.com>
Date: Sat, 6 Jan 2007 04:34:13 +0000
Subject: [PATCH] Fix filtering by comparing strpos identically with 0 using
 === instead of just equality with ==

---
 include/filter.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/filter.php b/include/filter.php
index 11415af..921e990 100644
--- a/include/filter.php
+++ b/include/filter.php
@@ -14,7 +14,7 @@ function filter_gpc()
         // Special cases for variables that don't fit our filtering scheme
         // don't filter the AppDB session cookie and MAX_FILE_SIZE
         // and the DialogX values that xinha uses
-        if(strpos($aKeys[$i], "Dialog") == 0) // Xinha variables
+        if(strpos($aKeys[$i], "Dialog") === 0) // Xinha variables
         {
             // copy the key over to the clean array
             // NOTE: we do not strip html tags or trim any Xinha variables
@@ -24,7 +24,7 @@ function filter_gpc()
             continue; // go to the next entry
         } else if($aKeys[$i] == "whq_appdb" || ($aKeys[$i] == "MAX_FILE_SIZE")
                   || ($aKeys[$i] == "PHPSESSID")
-                  || (strpos($aKeys[$i], "pref_") == 0)) // other variables
+                  || (strpos($aKeys[$i], "pref_")) === 0) // other variables
         {
             // copy the key over to the clean array after stripping tags and trimming
             $aClean[$aKeys[$i]] = trim(strip_tags($_REQUEST[$aKeys[$i]]));