ChangeSet ID: 30856 CVSROOT: /opt/cvs-commit Module name: appdb Changes by: wineowner@winehq.org 2007/01/05 22:34:13

Modified files: include : filter.php

Log message: Alexander Nicolaysen Sørnes alex@thehandofagony.com Fix filtering by comparing strpos identically with 0 using === instead of just equality with ==

Patch: http://cvs.winehq.org/patch.py?id=30856

Old revision New revision Changes Path 1.10 1.11 +2 -2 appdb/include/filter.php

Index: appdb/include/filter.php diff -u -p appdb/include/filter.php:1.10 appdb/include/filter.php:1.11 --- appdb/include/filter.php:1.10 6 Jan 2007 4:34:13 -0000 +++ appdb/include/filter.php 6 Jan 2007 4:34:13 -0000 @@ -14,7 +14,7 @@ function filter_gpc() // Special cases for variables that don't fit our filtering scheme // don't filter the AppDB session cookie and MAX_FILE_SIZE // and the DialogX values that xinha uses - if(strpos($aKeys[$i], "Dialog") == 0) // Xinha variables + if(strpos($aKeys[$i], "Dialog") === 0) // Xinha variables { // copy the key over to the clean array // NOTE: we do not strip html tags or trim any Xinha variables @@ -24,7 +24,7 @@ function filter_gpc() continue; // go to the next entry } else if($aKeys[$i] == "whq_appdb" || ($aKeys[$i] == "MAX_FILE_SIZE") || ($aKeys[$i] == "PHPSESSID") - || (strpos($aKeys[$i], "pref_") == 0)) // other variables + || (strpos($aKeys[$i], "pref_")) === 0) // other variables { // copy the key over to the clean array after stripping tags and trimming $aClean[$aKeys[$i]] = trim(strip_tags($_REQUEST[$aKeys[$i]]));