claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,228 Commits 1 Branch 0 Tags
f08ae29f5855f66c88400d9f15e6821dbcf55c99
Commit Graph

15 Commits

Author SHA1 Message Date
Chris Morgan
232c3bda40 Add a suggestion to users that are receiving filter errors to clear out their cookies. 2007-07-05 21:49:17 +00:00
Chris Morgan
15cd979264 Exclude 'XinhaColorPicker' get/post/cookie variable from normal filtering. Fixes a bug where 
using the color picker resulted in an appdb error message until the cookie was removed.
 2007-06-29 02:20:11 +00:00
Chris Morgan
3eca785210 filter_gpc() should report success or failure, a higher level function should take care of calling out to an error page. 
Add a unit test for filter_gpc() and test filtering success, failure and test that the filtering of html and normal strings
properly preserves tags for html strings and strips them from normal strings
 2007-01-06 06:27:50 +00:00
Chris Morgan
a992178883 Fix filtering of html, we shouldn't be running htmlspecialchars() on html code that needs to be 
preserved without modification
 2007-01-06 05:30:31 +00:00
Alexander Nicolaysen Sørnes
2e8b3aa3e6 Fix filtering by comparing strpos identically with 0 using === instead of just equality with == 2007-01-06 04:34:13 +00:00
Chris Morgan
9f88239d1f When filtering copy Xinha variables verbatim instead of stripping out html tags 2007-01-05 04:59:04 +00:00
Chris Morgan
a1a41d6b87 Fix and enable input filtering through include/filter.php 2007-01-04 02:35:01 +00:00
Jonathan Ernst
3a61131ffd Trim 's' and 'sh' variables in filter.php so we correctly convert variable values with spaces into "" strings 2006-07-18 02:42:57 +00:00
Chris Morgan
ed0c692744 Exclude GPC values that start with 'Dialog', these are used by Xinha and we don't want to modify that code. Also exclude 
PHPSESSID, this is a convenience for developers as php uses this key for its default session management and we really don't
mind if it is defined or not as we use our own session handlers
 2006-07-15 05:16:37 +00:00
Jonathan Ernst
89915be4f1 Add an option to prevent filtering of cookies in the case where multiple web apps are hosted 
on the same virtualhost
 2006-07-07 16:39:27 +00:00
Jonathan Ernst
8048e97846 Empty numeric values should default to 0 2006-07-07 16:01:26 +00:00
Tony Lambregts
675a47f491 filter_gpc() should ignore any bugzilla parameters to avoid errors when these cookies are set 2006-07-07 04:49:32 +00:00
Jonathan Ernst
3096e63828 Rename util_show_error_page() to util_show_error_page_and_exit() and redirect() to util_redirect_and_exit() 
so it is explicit that we exit in those functions that so we know it isn't necessary to put an exit after
we call them
 2006-07-06 18:44:56 +00:00
Jonathan Ernst
6b89df82a5 Check for arrays when filtering. MAX_FILE_SIZE should not be filtered 2006-06-29 16:09:29 +00:00
Jonathan Ernst
df8baf54fe Automatic filtering of $_REQUEST variables 2006-06-28 17:30:44 +00:00