claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-05-24. You can view files and clone it, but cannot push or open issues or pull requests.
Files
41597c9a791c83d8fd98f153af926a89bced89a1
qemudb/include/filter.php
Jonathan Ernst 8048e97846 Empty numeric values should default to 0
2006-07-07 16:01:26 +00:00

72 lines
2.5 KiB
PHP
Raw Blame History

<?php
$aClean = array();
filter_gpc();
/*
* Make all get/post/cookies variable clean based on their names.
*/
function filter_gpc()
{
global $aClean;
$aKeys = array_keys($_REQUEST);
for($i=0;$i<sizeof($aKeys);$i++)
{
switch($aKeys[$i][0])
{
case "i": // integer
case "f": // float
if(is_numeric($_REQUEST[$aKeys[$i]]))
$aClean[$aKeys[$i]] = $_REQUEST[$aKeys[$i]];
elseif(empty($_REQUEST[$aKeys[$i]]))
$aClean[$aKeys[$i]] = 0;
else
util_show_error_page_and_exit("Fatal error: ".$aKeys[$i]." should be a numeric value.");
break;
case "b": // boolean
if($_REQUEST[$aKeys[$i]]=="true" || $_REQUEST[$aKeys[$i]]=="false")
$aClean[$aKeys[$i]] = $_REQUEST[$aKeys[$i]];
else
util_show_error_page_and_exit("Fatal error: ".$aKeys[$i]." should be a boolean value.");
break;
case "s": // string
switch($aKeys[$i][1])
{
case "h": // HTML string
$aClean[$aKeys[$i]] = htmlspecialchars($_REQUEST[$aKeys[$i]]);
break;
default: // normal string (no HTML)
$aClean[$aKeys[$i]] = strip_tags($_REQUEST[$aKeys[$i]]);
break;
}
break;
case "a": // array
if(!is_array($_REQUEST[$aKeys[$i]]))
util_show_error_page_and_exit("Fatal error: ".$aKeys[$i]." should be an array.");
break;
default:
if($aKeys[$i]!="whq_appdb" && // don't filter the appdb session cookie
// or any bugzilla cookies
$aKeys[$i]!="BUGLIST" &&
$aKeys[$i]!="DEFAULTFORMAT" &&
$aKeys[$i]!="Bugzilla_login" &&
$aKeys[$i]!="LASTORDER" &&
$aKeys[$i]!="Bugzilla_logincookie" &&
$aKeys[$i]!="DEFAULTFORMAT" &&
$aKeys[$i]!="MAX_FILE_SIZE")
{
util_show_error_page_and_exit("Fatal error: type of variable ".$aKeys[$i]." is not recognized.");
}
break;
}
}
/* null out all input data so we can be assured that */
/* no unfiltered values are being used */
$_REQUEST = array();
$_POST = array();
$_GET = array();
$_COOKIES = array();
}
?>
Reference in New Issue View Git Blame Copy Permalink