From 42c0611bc3c12d662001b2e13701e8ad6784bafa Mon Sep 17 00:00:00 2001 From: Janusz Dobrowolski Date: Wed, 3 Nov 2010 07:06:12 +0000 Subject: [PATCH] Additional request input cleanup. --- CHANGELOG.txt | 4 ++++ includes/session.inc | 8 +++++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 833c406a..7424b70c 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -19,6 +19,10 @@ Legend: ! -> Note $ -> Affected files +03-Nov-2010 Janusz Dobrowolski +# More corrections in cleanup for input +$ /includes/session.inc + 02-Nov-2010 Joe Hunt # Report Customer Details didn't show up correctly in Excel $ /reporting/rep103.php diff --git a/includes/session.inc b/includes/session.inc index d747888a..9a93a531 100644 --- a/includes/session.inc +++ b/includes/session.inc @@ -238,6 +238,10 @@ set_error_handler('error_handler' /*, errtypes */); if (!isset($_SESSION["wa_current_user"])) $_SESSION["wa_current_user"] = new current_user(); +html_cleanup($_GET); +html_cleanup($_POST); +html_cleanup($_REQUEST); + // logout.php is the only page we should have always // accessable regardless of access level and current login status. if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){ @@ -251,7 +255,7 @@ if (strstr($_SERVER['PHP_SELF'], 'logout.php') == false){ { // strip ajax marker from uri, to force synchronous page reload $_SESSION['timeout'] = array( 'uri'=>preg_replace('/JsHttpRequest=(?:(\d+)-)?([^&]+)/s', - '', @$_SERVER['REQUEST_URI']), + '', @htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, $_SESSION['language']->encoding)), 'post' => $_POST); include($path_to_root . "/access/login.php"); @@ -291,6 +295,4 @@ $SysPrefs = &$_SESSION['SysPrefs']; // We quote all values later with db_escape() before db update. $_POST = strip_quotes($_POST); -html_cleanup($_GET); -html_cleanup($_POST); ?> \ No newline at end of file -- 2.30.2