From ed0c6927445eccbe0f3e2b0cfc839d2a4cd4b88d Mon Sep 17 00:00:00 2001
From: Chris Morgan <cmorgan@alum.wpi.edu>
Date: Sat, 15 Jul 2006 05:16:37 +0000
Subject: [PATCH] Exclude GPC values that start with 'Dialog', these are used
 by Xinha and we don't want to modify that code.  Also exclude PHPSESSID, this
 is a convenience for developers as php uses this key for its default session
 management and we really don't mind if it is defined or not as we use our own
 session handlers

---
 include/filter.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/include/filter.php b/include/filter.php
index ddfb579..f5b558f 100644
--- a/include/filter.php
+++ b/include/filter.php
@@ -45,11 +45,13 @@ function filter_gpc()
             break;
             default:
                 // don't filter the AppDB session cookie and MAX_FILE_SIZE
-                if($aKeys[$i]!="whq_appdb" && $aKeys[$i]!="MAX_FILE_SIZE")
-                { 
+                // and the DialogX values that xinha uses
+                if($aKeys[$i]!="whq_appdb" && $aKeys[$i]!="MAX_FILE_SIZE" && $aKeys[$i]!="PHPSESSID"
+                   && strpos($aKeys[$i], "Dialog") == 0)
+                {
                     util_show_error_page_and_exit("Fatal error: type of variable ".$aKeys[$i]." is not recognized.");
                 }
-            break;
+                break;
         }
     }