Changeset 43835 in spip-zone


Ignore:
Timestamp:
Jan 24, 2011, 11:46:10 AM (10 years ago)
Author:
jluc@…
Message:

oups à la verveine

File:
1 edited

Legend:

Unmodified
Added
Removed
  • _core_/securite/ecran_securite.php

    r43829 r43835  
    5454 *
    5555 */
    56 foreach(array('lang', 'var_recherche') as $ecran_securite_i)
    57 if (isset($_GET[$ecran_securite_i]))
    58         $_REQUEST[$ecran_securite_i] = $GLOBALS[$ecran_securite_i] = $_GET[$ecran_securite_i] = preg_replace(',[^\w-]+,',' ',(string)$_GET[$ecran_securite_i]);
    59 if (isset($_POST[$ecran_securite_i]))
    60         $_REQUEST[$ecran_securite_i] = $GLOBALS[$ecran_securite_i] = $_POST[$ecran_securite_i] = preg_replace(',[^\w-]+,',' ',(string)$_POST[$ecran_securite_i]);
     56foreach(array('lang', 'var_recherche') as $ecran_securite_i) {
     57        if (isset($_GET[$ecran_securite_i]))
     58                $_REQUEST[$ecran_securite_i] = $GLOBALS[$ecran_securite_i] = $_GET[$ecran_securite_i] = preg_replace(',[^\w-]+,',' ',(string)$_GET[$ecran_securite_i]);
     59        if (isset($_POST[$ecran_securite_i]))
     60                $_REQUEST[$ecran_securite_i] = $GLOBALS[$ecran_securite_i] = $_POST[$ecran_securite_i] = preg_replace(',[^\w-]+,',' ',(string)$_POST[$ecran_securite_i]);
     61}
    6162
    6263/*     - filtre l'acces a spip_acces_doc (injection SQL en 1.8.2x)
Note: See TracChangeset for help on using the changeset viewer.