claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix filtering by comparing strpos identically with 0 using === instead of just equality with ==

Browse Source
This commit is contained in:
Alexander Nicolaysen Sørnes
2007-01-06 04:34:13 +00:00
committed by WineHQ
parent af877bfc70
commit 2e8b3aa3e6
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/filter.php
View File

@@ -14,7 +14,7 @@ function filter_gpc()
// Special cases for variables that don't fit our filtering scheme // Special cases for variables that don't fit our filtering scheme
// don't filter the AppDB session cookie and MAX_FILE_SIZE // don't filter the AppDB session cookie and MAX_FILE_SIZE
// and the DialogX values that xinha uses // and the DialogX values that xinha uses
if(strpos($aKeys[$i], "Dialog") == 0) // Xinha variables if(strpos($aKeys[$i], "Dialog") === 0) // Xinha variables
{ {
// copy the key over to the clean array // copy the key over to the clean array
// NOTE: we do not strip html tags or trim any Xinha variables // NOTE: we do not strip html tags or trim any Xinha variables
@@ -24,7 +24,7 @@ function filter_gpc()
continue; // go to the next entry continue; // go to the next entry
} else if($aKeys[$i] == "whq_appdb" || ($aKeys[$i] == "MAX_FILE_SIZE") } else if($aKeys[$i] == "whq_appdb" || ($aKeys[$i] == "MAX_FILE_SIZE")
|| ($aKeys[$i] == "PHPSESSID") || ($aKeys[$i] == "PHPSESSID")
|| (strpos($aKeys[$i], "pref_") == 0)) // other variables || (strpos($aKeys[$i], "pref_")) === 0) // other variables
{ {
// copy the key over to the clean array after stripping tags and trimming // copy the key over to the clean array after stripping tags and trimming
$aClean[$aKeys[$i]] = trim(strip_tags($_REQUEST[$aKeys[$i]])); $aClean[$aKeys[$i]] = trim(strip_tags($_REQUEST[$aKeys[$i]]));