Changeset 75105 in spip-zone
- Timestamp:
- Aug 29, 2013, 6:54:33 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
_core_/securite/ecran_securite.php
r72990 r75105 6 6 */ 7 7 8 define('_ECRAN_SECURITE', '1.1. 7'); // 24 mai 20138 define('_ECRAN_SECURITE', '1.1.8'); // 2013-08-29 9 9 10 10 /* … … 254 254 AND 255 255 // cas qui permettent de sortir d'un commentaire PHP 256 (strpos($_REQUEST['connect'], "?".">")!==false 256 (strpos($_REQUEST['connect'], "?")!==false 257 OR strpos($_REQUEST['connect'], ">")!==false 257 258 OR strpos($_REQUEST['connect'], "\n")!==false 258 259 OR strpos($_REQUEST['connect'], "\r")!==false) 259 260 ) { 260 $_REQUEST['connect'] = str_replace(array("?" .">", "\r", "\n"), "", $_REQUEST['connect']);261 $_REQUEST['connect'] = str_replace(array("?", ">", "\r", "\n"), "", $_REQUEST['connect']); 261 262 if (isset($_GET['connect'])) $_GET['connect'] = $_REQUEST['connect']; 262 263 if (isset($_POST['connect'])) $_POST['connect'] = $_REQUEST['connect'];
Note: See TracChangeset
for help on using the changeset viewer.