Changeset 43835 in spip-zone
- Timestamp:
- Jan 24, 2011, 11:46:10 AM (10 years ago)
- File:
-
- 1 edited
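--- a/_core_/securite/ecran_securite.php
+++ b/_core_/securite/ecran_securite.php
@@ -54,9 +54,10 @@
  *
  */
-foreach(array('lang', 'var_recherche') as $ecran_securite_i)
-if (isset($_GET[$ecran_securite_i]))
-$_REQUEST[$ecran_securite_i] = $GLOBALS[$ecran_securite_i] = $_GET[$ecran_securite_i] = preg_replace(',[^\w-]+,',' ',(string)$_GET[$ecran_securite_i]);
-if (isset($_POST[$ecran_securite_i]))
-$_REQUEST[$ecran_securite_i] = $GLOBALS[$ecran_securite_i] = $_POST[$ecran_securite_i] = preg_replace(',[^\w-]+,',' ',(string)$_POST[$ecran_securite_i]);
+foreach(array('lang', 'var_recherche') as $ecran_securite_i) {
+if (isset($_GET[$ecran_securite_i]))
+$_REQUEST[$ecran_securite_i] = $GLOBALS[$ecran_securite_i] = $_GET[$ecran_securite_i] = preg_replace(',[^\w-]+,',' ',(string)$_GET[$ecran_securite_i]);
+if (isset($_POST[$ecran_securite_i]))
+$_REQUEST[$ecran_securite_i] = $GLOBALS[$ecran_securite_i] = $_POST[$ecran_securite_i] = preg_replace(',[^\w-]+,',' ',(string)$_POST[$ecran_securite_i]);
+}
 
 /* - filtre l'acces a spip_acces_doc (injection SQL en 1.8.2x)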
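Review bot: Only `$_GET` and `$_POST` are rewritten inside the loop, so a `lang` or `var_recherche` value that arrives by cookie stays unfiltered in `$_COOKIE`, and presumably in `$_REQUEST` as well when the PHP `request_order`/`variables_order` setting includes cookies and neither GET nor POST carries the key. If cookies are meant to be covered by this screen, a third branch in the same form would close that gap: `if (isset($_COOKIE[$ecran_securite_i])) { $_COOKIE[$ecran_securite_i] = preg_replace(',[^\w-]+,',' ',(string)$_COOKIE[$ecran_securite_i]); }`, placed before the GET and POST branches so they keep precedence for `$_REQUEST`. Separately, the two inner `if` statements are still braceless, which is the same form that left the POST branch outside the loop before this change; giving them `{ }` as well would keep a later edit from repeating it. The rest of the file is outside this hunk, so a cookie filter elsewhere cannot be ruled out from here.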