Changeset 12
- Timestamp:
- Dec 2, 2009, 6:20:50 PM (15 years ago)
- Location:
- trunk/client
- Files:
-
- 3 edited
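--- a/trunk/client/modules.php
+++ b/trunk/client/modules.php
@@ -27,12 +27,10 @@
 }
 
-
 if(isset($_SERVER['QUERY_STRING']) && (!stripos_clone($_SERVER['QUERY_STRING'], "ad_click") || !stripos_clone($_SERVER['QUERY_STRING'], "url"))) {
 $queryString = $_SERVER['QUERY_STRING'];
-if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,' /*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
+if (stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'..') OR stripos_clone($queryString,'+') OR stripos_clone($queryString,'/*') OR stripos_clone($queryString,'*/union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'concat')) {
 die('Operazione non consentita');
 }
 }
-
 
 foreach ($_GET as $sec_key => $secvalue) {
@@ -211,9 +209,11 @@
 if (isset($param['tema'])){
 $tema=$param['tema'];
+$tema=htmlentities($tema); // evita xss
+if(eregi("%", $tema)) $tema="default";// evita xss
 $_SESSION['newtema']="$tema";
 }
+
+if (eregi("%",$_SESSION['newtema'])) $_SESSION['newtema']="default"; // xss
 if (isset($_SESSION['newtema'])) $tema=$_SESSION['newtema'];
-
-
 
 $PHP_SELF=$_SERVER['PHP_SELF'];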
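Review bot: The expanded denylist on new line 31 still only runs when the query string lacks `ad_click` or `url` (context line 29 tests `!A || !B`), so appending `&ad_click=&url=` to any request switches the whole check off, and the new `'..'` and `'+'` terms are evaded by URL-encoding (`%2e%2e`, `%2b`) while `'+'` now also rejects every form-encoded space in legitimate input. Substring matching on the raw query string is not a substitute for prepared statements and per-parameter validation at the SQL call sites; if the filter is kept at all, drop the `ad_click`/`url` exemption and match against `urldecode($queryString)`. In the theme hunk, `htmlentities()` and the `%` test leave `../` and `/` in `$tema` untouched, and index.php in this same changeset builds `temi/$tema/menu.php` from it, so an allow-list is needed on new line 212 and again on `$_SESSION['newtema']` at new line 216: `if (!preg_match('/^[A-Za-z0-9_-]+$/', $tema) || !is_dir("temi/$tema")) $tema = "default";`. `eregi()` is deprecated from PHP 5.3 and removed in 7.0; `preg_match('/%/', $tema)` is the direct replacement. Code before line 27, between the two hunks, and after line 219 is outside this view.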
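--- a/trunk/client/modules/Elezioni/gruppo.php
+++ b/trunk/client/modules/Elezioni/gruppo.php
@@ -34,4 +34,15 @@
 if (isset($param['id_gruppo'])) $id_gruppo=intval($param['id_gruppo']); else $id_gruppo='';
 #if (isset($param['tipo_cons'])) $tipo_cons=intval($param['tipo_cons']); else $tipo_cons='';
+
+# anti-xss nov. 2009
+$id_comune=htmlentities($id_comune);
+$id_comune=intval($id_comune);
+$perc=floatval($perc);
+$perc_lista=floatval($perc_lista);
+$datipdf= htmlentities($datipdf);
+$op= htmlentities($op);
+$info= htmlentities($info);
+$files=htmlentities($files);
+$lettera=htmlentities($lettera);
 
 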
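Review bot: `htmlentities()` on new lines 42–46 is applied at input time, which is the wrong layer: with its default flags it does not encode `'`, so it adds nothing against SQL injection if `$op`, `$info`, `$files` or `$lettera` reach a query, and it rewrites the values before they are used for anything other than HTML output. `htmlentities($id_comune)` on line 38 immediately followed by `intval()` on line 39 is a no-op and can be dropped. Validate each value against what it is used for — an allow-list regex or `basename()` for `$files` if it names a file; where these variables are assigned is above the hunk so I cannot confirm — use prepared statements for the SQL, and escape with `htmlspecialchars($x, ENT_QUOTES)` at the point of output instead. The `floatval()` casts on `$perc` and `$perc_lista` are the right shape for numeric parameters.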
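--- a/trunk/client/modules/Elezioni/index.php
+++ b/trunk/client/modules/Elezioni/index.php
@@ -145,5 +145,6 @@
 function menu() {
 global $hondt,$lang,$multicomune, $tema, $op, $prefix, $dbi, $offset, $min,$descr_cons,$info,$dati, $votog,$votol,$votoc,$circo, $id_cons,$tipo_cons,$genere,$descr_cons,$id_cons_gen,$id_comune,$id_circ,$minsez,$offsetsez, $limite,$hondt,$tema_on,$js;
 
+$tema=htmlentities($tema); //xss
 # include menu da tema
 if (file_exists("temi/$tema/menu.php")) {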
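Review bot: `htmlentities($tema)` on new line 148 does not protect the `file_exists("temi/$tema/menu.php")` path on line 150: `../`, `/` and NUL are not HTML-special characters, so a traversal value passes through unchanged, and `$tema` arrives via `global` from outside the hunk with a path-derived use that presumably continues into an include. Replace it with an allow-list on the directory segment, `if (!preg_match('/^[A-Za-z0-9_-]+$/', $tema)) $tema = 'default';`, and apply the HTML escaping only where `$tema` is actually echoed. `menu()` continues past line 150.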