Fixed some slashing problems

git-svn-id: file:///svn/phpbb/trunk@359 89ea8834-ac86-4346-8a33-228a782c2dd0
Paul S. Owen 2001-05-28 14:06:37 +00:00
parent a4f2c2f535
commit 81015f9428


@ -570,21 +570,21 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
else else
{ {
$user_id = $userdata['user_id']; $user_id = $userdata['user_id'];
$username = $userdata['username']; $username = stripslashes($userdata['username']);
$email = $userdata['user_email']; $email = stripslashes($userdata['user_email']);
$password = ""; $password = "";
$password_confirm = ""; $password_confirm = "";
$icq = $userdata['user_icq']; $icq = stripslashes($userdata['user_icq']);
$aim = $userdata['user_aim']; $aim = stripslashes($userdata['user_aim']);
$msn = $userdata['user_msnm']; $msn = stripslashes($userdata['user_msnm']);
$yim = $userdata['user_yim']; $yim = stripslashes($userdata['user_yim']);
$website = $userdata['user_website']; $website = stripslashes($userdata['user_website']);
$location = $userdata['user_from']; $location = stripslashes($userdata['user_from']);
$occupation = $userdata['user_occ']; $occupation = stripslashes($userdata['user_occ']);
$interests = $userdata['user_interests']; $interests = stripslashes($userdata['user_interests']);
$signature = str_replace("<br />", "\n", $userdata['user_sig']); $signature = stripslashes(str_replace("<br />", "\n", $userdata['user_sig']));
$viewemail = $userdata['user_viewemail']; $viewemail = $userdata['user_viewemail'];
$attachsig = $userdata['user_attachsig']; $attachsig = $userdata['user_attachsig'];
@ -592,12 +592,12 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$allowbbcode = $userdata['user_allowbbcode']; $allowbbcode = $userdata['user_allowbbcode'];
$allowsmilies = $userdata['user_allowsmile']; $allowsmilies = $userdata['user_allowsmile'];
$user_avatar = $userdata['user_avatar']; $user_avatar = stripslashes($userdata['user_avatar']);
$user_theme = $userdata['user_theme']; $user_theme = $userdata['user_theme'];
$user_lang = $userdata['user_lang']; $user_lang = $userdata['user_lang'];
$user_timezone = $userdata['user_timezone']; $user_timezone = $userdata['user_timezone'];
$user_template = $userdata['user_template']; $user_template = $userdata['user_template'];
$user_dateformat = $userdata['user_dateformat']; $user_dateformat = stripslashes($userdata['user_dateformat']);
} }
$template->set_filenames(array( $template->set_filenames(array(
@ -700,15 +700,15 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$password_confirm = (!empty($HTTP_POST_VARS['password_confirm'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['password_confirm']))) : ""; $password_confirm = (!empty($HTTP_POST_VARS['password_confirm'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['password_confirm']))) : "";
$icq = (!empty($HTTP_POST_VARS['icq'])) ? trim(strip_tags($HTTP_POST_VARS['icq'])) : ""; $icq = (!empty($HTTP_POST_VARS['icq'])) ? trim(strip_tags($HTTP_POST_VARS['icq'])) : "";
$aim = (!empty($HTTP_POST_VARS['aim'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['aim']))) : ""; $aim = (!empty($HTTP_POST_VARS['aim'])) ? trim(strip_tags($HTTP_POST_VARS['aim'])) : "";
$msn = (!empty($HTTP_POST_VARS['msn'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['msn']))) : ""; $msn = (!empty($HTTP_POST_VARS['msn'])) ? trim(strip_tags($HTTP_POST_VARS['msn'])) : "";
$yim = (!empty($HTTP_POST_VARS['yim'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['yim']))) : ""; $yim = (!empty($HTTP_POST_VARS['yim'])) ? trim(strip_tags($HTTP_POST_VARS['yim'])) : "";
$website = (!empty($HTTP_POST_VARS['website'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['website']))) : ""; $website = (!empty($HTTP_POST_VARS['website'])) ? trim(strip_tags($HTTP_POST_VARS['website'])) : "";
$location = (!empty($HTTP_POST_VARS['location'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['location']))) : ""; $location = (!empty($HTTP_POST_VARS['location'])) ? trim(strip_tags($HTTP_POST_VARS['location'])) : "";
$occupation = (!empty($HTTP_POST_VARS['occupation'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['occupation']))) : ""; $occupation = (!empty($HTTP_POST_VARS['occupation'])) ? trim(strip_tags($HTTP_POST_VARS['occupation'])) : "";
$interests = (!empty($HTTP_POST_VARS['interests'])) ? trim(addslashes($HTTP_POST_VARS['interests'])) : ""; $interests = (!empty($HTTP_POST_VARS['interests'])) ? trim($HTTP_POST_VARS['interests']) : "";
$signature = (!empty($HTTP_POST_VARS['signature'])) ? trim(addslashes($HTTP_POST_VARS['signature'])) : ""; $signature = (!empty($HTTP_POST_VARS['signature'])) ? trim($HTTP_POST_VARS['signature']) : "";
$viewemail = (!empty($HTTP_POST_VARS['viewemail'])) ? $HTTP_POST_VARS['viewemail'] : 0; $viewemail = (!empty($HTTP_POST_VARS['viewemail'])) ? $HTTP_POST_VARS['viewemail'] : 0;
$attachsig = (!empty($HTTP_POST_VARS['attachsig'])) ? $HTTP_POST_VARS['attachsig'] : 0; $attachsig = (!empty($HTTP_POST_VARS['attachsig'])) ? $HTTP_POST_VARS['attachsig'] : 0;
@ -934,18 +934,18 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
$template->assign_var_from_handle("JUMPBOX", "jumpbox"); $template->assign_var_from_handle("JUMPBOX", "jumpbox");
$template->assign_vars(array( $template->assign_vars(array(
"MODE" => $mode, "MODE" => $mode,
"USERNAME" => $username, "USERNAME" => stripslashes($username),
"EMAIL" => $email, "EMAIL" => stripslashes($email),
"YIM" => $yim, "YIM" => stripslashes($yim),
"ICQ" => $icq, "ICQ" => stripslashes($icq),
"MSN" => $msn, "MSN" => stripslashes($msn),
"AIM" => $aim, "AIM" => stripslashes($aim),
"COPPA" => $coppa, "COPPA" => $coppa,
"OCCUPATION" => $occupation, "OCCUPATION" => stripslashes($occupation),
"INTERESTS" => $interests, "INTERESTS" => stripslashes($interests),
"LOCATION" => $location, "LOCATION" => stripslashes($location),
"WEBSITE" => $website, "WEBSITE" => stripslashes($website),
"SIGNATURE" => $signature, "SIGNATURE" => stripslashes($signature),
"VIEW_EMAIL_YES" => ($viewemail) ? "CHECKED" : "", "VIEW_EMAIL_YES" => ($viewemail) ? "CHECKED" : "",
"VIEW_EMAIL_NO" => (!$viewemail) ? "CHECKED" : "", "VIEW_EMAIL_NO" => (!$viewemail) ? "CHECKED" : "",
"ALWAYS_ADD_SIGNATURE_YES" => ($attachsig) ? "CHECKED" : "", "ALWAYS_ADD_SIGNATURE_YES" => ($attachsig) ? "CHECKED" : "",
@ -960,7 +960,7 @@ if(isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']))
"LANGUAGE_SELECT" => language_select($user_lang), "LANGUAGE_SELECT" => language_select($user_lang),
"THEME_SELECT" => theme_select($user_theme), "THEME_SELECT" => theme_select($user_theme),
"TIMEZONE_SELECT" => tz_select($user_timezone), "TIMEZONE_SELECT" => tz_select($user_timezone),
"DATE_FORMAT" => $user_dateformat, "DATE_FORMAT" => stripslashes($user_dateformat),
"TEMPLATE_SELECT" => template_select($user_template), "TEMPLATE_SELECT" => template_select($user_template),
"L_SUBMIT" => $l_submit, "L_SUBMIT" => $l_submit,
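Review bot: Dropping `addslashes()` from the `$HTTP_POST_VARS` reads in the third hunk (aim, msn, yim, website, location, occupation, interests, signature) leaves quoting of these values entirely to `magic_quotes_gpc`; the statement that stores them is outside the visible hunks, but if it interpolates them into SQL, a server with that setting off would put unescaped input into the query. The escaping should be explicit and conditional where the query is built, for example `$aim = get_magic_quotes_gpc() ? $aim : addslashes($aim);`, rather than depending on an ini setting. In the `assign_vars` hunk the values are un-slashed but not HTML-encoded, and `interests` and `signature` never pass through `strip_tags`, so unless the template escapes them each should be emitted as `htmlspecialchars(stripslashes($interests))`. The enclosing `if`/`else` block starts and ends outside the hunks shown.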