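--- a/trunk/client/modules.php
+++ b/trunk/client/modules.php
@@ -35,17 +35,17 @@
 
 foreach ($_GET as $sec_key => $secvalue) {
-    if ((preg_match("/<[^>]*script*\"?[^>]*>/i",$secvalue)) ||
-        (preg_match("/<[^>]*object*\"?[^>]*>/i", $secvalue)) ||
-        (preg_match("/<[^>]*iframe*\"?[^>]*>/i", $secvalue)) ||
-        (preg_match("/<[^>]*applet*\"?[^>]*>/i", $secvalue)) ||
-        (preg_match("/<[^>]*meta*\"?[^>]*>/i", $secvalue)) ||
-        (preg_match("/<[^>]*style*\"?[^>]*>/i", $secvalue)) ||
-        (preg_match("/<[^>]*form*\"?[^>]*>/i", $secvalue)) ||
-        (preg_match("/<[^>]*img*\"?[^>]*>/i", $secvalue)) ||
-        (preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) ||
-        (preg_match("/<[^>]*body*\"?[^>]*>/i", $secvalue)) ||
-        (preg_match("/\([^>]*\"?[^)]*\)/", $secvalue)) ||
-        (preg_match("/\"/", $secvalue)) ||
-        (preg_match("/inside_mod/i", $sec_key))) {
+    if ((preg_match('/<[^>]*script*\"?[^>]*>/i', $secvalue)) ||
+        (eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
+        (eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
+        (eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
+        (eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
+        (eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
+        (eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
+        (eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||
+        (eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) ||
+        (eregi("<[^>]*body*\"?[^>]*>", $secvalue)) ||
+        (eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
+        (eregi("\"", $secvalue)) ||
+        (eregi("inside_mod", $sec_key))) {
         die ("Operazione non consentita");
      }
@@ -53,5 +53,5 @@
 
   foreach ($_POST as $secvalue) {
-    if ((preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]script*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*body*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]style*\"?[^>]*>/i", $secvalue))) {
+    if ((eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) || (eregi("<[^>]script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*body*\"?[^>]*>", $secvalue)) || (eregi("<[^>]style*\"?[^>]*>", $secvalue))) {
       die ($htmltags);
     }
@@ -74,7 +74,7 @@
 global $op,$name;
 if(!isset($_GET['js'])){
-$querystring= @preg_replace('/'.$_SERVER['DOCUMENT_ROOT'].'/i','http://'.$_SERVER['HTTP_HOST'].'/',$_SERVER['SCRIPT_FILENAME']);
-if (preg_match("/modules.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="name=$name"; // reindirizza
-if (preg_match("/admin.php/i",$_SERVER['SCRIPT_NAME'])) $pagina="op=$op"; // reindirizza
+$querystring= @eregi_replace($_SERVER['DOCUMENT_ROOT'],'http://'.$_SERVER['HTTP_HOST'].'/',$_SERVER['SCRIPT_FILENAME']);
+if (eregi("modules.php",$_SERVER['SCRIPT_NAME'])) $pagina="name=$name"; // reindirizza
+if (eregi("admin.php",$_SERVER['SCRIPT_NAME'])) $pagina="op=$op"; // reindirizza
  echo "<noscript><meta http-equiv=\"refresh\" content=\"0; url=".$querystring."?js=b&amp;$pagina\"/></noscript>";
   }
@@ -104,5 +104,5 @@
 die("<center><img src=src=\"images/logo.gif\" target=\"Logo Avviso Errore\"><br/><br/><b>Ci sono dei problemi di connessione al DataBase $dbtype, chiediamo scusa per l'inconveniente.<br/><br/>Provate piu' tardi, Grazie.</b><br/><font color=\"#ff0000\">". mysql_error()."</font></center>");
 }
-mysql_query("SET NAMES 'utf8'", $dbi);
+mysql_set_charset('utf8', $dbi);
 
 # carica i parametri di default sulla tabella
@@ -210,11 +210,11 @@
         $tema=$param['tema'];
         $tema=htmlentities($tema); // evita xss
-        if(preg_match("/%/i", $tema)) $tema="default";// evita xss
+        if(eregi("%", $tema)) $tema="default";// evita xss
         $_SESSION['newtema']="$tema";
         }
-if (isset($_SESSION['newtema'])) {
-        $tema=$_SESSION['newtema'];
-        if (preg_match("/%/i",$_SESSION['newtema'])) $_SESSION['newtema']="default"; // xss
-}
+
+if (eregi("%",$_SESSION['newtema'])) $_SESSION['newtema']="default"; // xss
+if (isset($_SESSION['newtema'])) $tema=$_SESSION['newtema'];
+
 $PHP_SELF=$_SERVER['PHP_SELF'];
 $file=(isset($_GET['file'])) ? $_GET['file']:"index";
@@ -223,5 +223,5 @@
 $name=htmlentities($name);
 $file=htmlentities($file);
-#$id_comune=intval($id_comune);
+$id_comune=intval($id_comune);
 
 $modpath = "modules/$name/$file.php";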
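Review bot: The meta-refresh URL echoed at line 79 of the hunk at lines 74–80 is built from `$_SERVER['HTTP_HOST']`, which comes from the client's Host header, and from `$_SERVER['DOCUMENT_ROOT']` used as an unquoted pattern in `eregi_replace()` on the right-hand (r17) column, so the redirect target is attacker-influenceable and the prefix replacement is fragile; the left-hand (r29) column's `preg_replace('/'.$_SERVER['DOCUMENT_ROOT'].'/i', …)` has the same quoting gap and, because the root itself contains the `/` delimiter, produces a malformed pattern whose failure the leading `@` hides. I would take the base URL from configuration (or check `HTTP_HOST` against an allowlist), do the prefix replacement with `str_replace($_SERVER['DOCUMENT_ROOT'], $base, $_SERVER['SCRIPT_FILENAME'])` where `$base` is that configured URL, and wrap `$querystring` and `$pagina` in `htmlspecialchars()` before they are echoed into the attribute. This page appears to be rendered r29→r17, so the "added" column is the older revision: `eregi`/`eregi_replace` were deprecated in PHP 5.3 and removed in 7.0, and the `preg_*` forms in the left column (here and in the hunks at lines 36–51, 54–57 and 210–218) are the ones that should survive. Separately, at lines 215–218 the left column copies `$_SESSION['newtema']` into `$tema` before the `%` check resets the session value, so the rejected value still reaches `$tema`, while the right column reads `$_SESSION['newtema']` before its `isset()` guard; checking first and assigning only the validated value fixes both.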