claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix and enable input filtering through include/filter.php

Browse Source
This commit is contained in:
Chris Morgan
2007-01-04 02:35:01 +00:00
committed by WineHQ
parent 582ee561fc
commit a1a41d6b87
58 changed files with 129 additions and 385 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
include/url.php
View File

@@ -51,10 +51,7 @@ class Url {
*/
function create($sDescription = null, $sUrl = null, $iVersionId = null, $iAppId = null)
{
$aClean = array(); //array of filtered user input
$aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']);
$aClean['iAppId'] = makeSafe($_REQUEST['iAppId']);
global $aClean;
// Security, if we are not an administrator or a maintainer, the url must be queued.
if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isMaintainer($aClean['iVersionId']) || $_SESSION['current']->isSupermaintainer($aClean['iAppId'])))
@@ -180,9 +177,8 @@ class Url {
function mailSubmitter($bRejected=false)
{
$aClean = array(); //array of filtered user input
global $aClean;
$aClean['sReplyText'] = makeSafe($_REQUEST['sReplyText']);
if($this->iSubmitterId)
{
$sAppName = Application::lookup_name($this->appId)." ".Version::lookup_name($this->versionId);