Changes in trunk/admin/admin.php [15:23]
- File:
-
- 1 edited
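--- a/trunk/admin/admin.php
+++ b/trunk/admin/admin.php
@@ -71,17 +71,17 @@
 
 foreach ($_GET as $sec_key => $secvalue) {
-if (( eregi("<[^>]*script*\"?[^>]*>",$secvalue)) ||
-( eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
-( eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
-( eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
-( eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
-( eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
-( eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
-( eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||
-( eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) ||
-( eregi("<[^>]*body*\"?[^>]*>", $secvalue)) ||
-( eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
-( eregi("\"", $secvalue)) ||
-( eregi("inside_mod", $sec_key))) {
+if ((preg_match("/<[^>]*script*\"?[^>]*>/i",$secvalue)) ||
+(preg_match("/<[^>]*object*\"?[^>]*>/i", $secvalue)) ||
+(preg_match("/<[^>]*iframe*\"?[^>]*>/i", $secvalue)) ||
+(preg_match("/<[^>]*applet*\"?[^>]*>/i", $secvalue)) ||
+(preg_match("/<[^>]*meta*\"?[^>]*>/i", $secvalue)) ||
+(preg_match("/<[^>]*style*\"?[^>]*>/i", $secvalue)) ||
+(preg_match("/<[^>]*form*\"?[^>]*>/i", $secvalue)) ||
+(preg_match("/<[^>]*img*\"?[^>]*>/i", $secvalue)) ||
+(preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) ||
+(preg_match("/<[^>]*body*\"?[^>]*>/i", $secvalue)) ||
+(preg_match("/\([^>]*\"?[^)]*\)/", $secvalue)) ||
+(preg_match("/\"/", $secvalue)) ||
+(preg_match("/inside_mod/i", $sec_key))) {
 die ("Operazione non consentita");
 }
@@ -89,5 +89,5 @@
 
 foreach ($_POST as $secvalue) {
-if (( eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) || (eregi("<[^>]script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]*body*\"?[^>]*>", $secvalue)) || (eregi("<[^>]style*\"?[^>]*>", $secvalue))) {
+if ((preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]script*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*body*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]style*\"?[^>]*>/i", $secvalue))) {
 die ('Operazione non consentita');
 }
@@ -124,5 +124,5 @@
 $dbi=mysql_connect($dbhost, $dbuname, $dbpass) or die("Connessione non riuscita: " . mysql_error());
 mysql_select_db($dbname)or die("Connessione non riuscita:" . mysql_error());
-mysql_set_charset('utf8', $dbi);
+mysql_query("SET NAMES 'utf8'", $dbi);
 //---10/05/2009 gestione consultazione predefinita
 $res_config = mysql_query("select * from ".$prefix."_config ",$dbi);
@@ -161,5 +161,5 @@
 if (strlen($aid)>25 ) { die ("Nome utente troppo lungo: $aid"); }
 if (!isset($param['id_ses']) or $param['id_ses'] != session_id()) logout();
-if ( ereg(" ", $aid)) { die ("Gli spazi non sono ammessi nel nome utente: $aid"); }
+if (strstr( $aid," ")) { die ("Gli spazi non sono ammessi nel nome utente: $aid"); }
 if (isset($_SESSION['aid'])){
 logout();//se hai gia' una sessione aperta non puoi postare 'aid'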
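Review bot: Swapping mysql_set_charset('utf8', $dbi) for mysql_query("SET NAMES 'utf8'", $dbi) at line 126 changes the charset on the server side only; the client library is not informed, so mysql_real_escape_string() keeps escaping under the connection's default charset rather than utf8. If this file relies on mysql_real_escape_string() for query values anywhere (not visible in this changeset), the removed mysql_set_charset() call is the one that keeps escaping and connection charset consistent, which is why the PHP manual recommends it over SET NAMES. If the change was made for compatibility with an older client that lacks the function, keep the safe call where available: `if (function_exists('mysql_set_charset')) { mysql_set_charset('utf8', $dbi); } else { mysql_query("SET NAMES 'utf8'", $dbi); }`. A short comment on that line stating which charset-related escaping the rest of the file depends on would help the next reader judge this choice.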