Changeset 344 for trunk/admin
- Timestamp:
- Dec 1, 2020, 8:25:00 PM (4 years ago)
- Location:
- trunk/admin
- Files:
-
- 36 edited
trunk/admin/admin.php
r336 r344 45 45 46 46 $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST; 47 if (isset($param['aid'])) get_magic_quotes_gpc() ? $aid=$param['aid']:$aid=addslashes($param['aid']);48 if (isset($param['pwd'])) get_magic_quotes_gpc() ? $pwd2=$param['pwd']:$pwd2=addslashes($param['pwd']);47 if (isset($param['aid'])) $aid=addslashes($param['aid']); else $aid=''; 48 if (isset($param['pwd'])) $pwd2=addslashes($param['pwd']); else $pwd2=''; 49 49 // Additional security (Union, CLike, XSS) 50 50 … … 399 399 400 400 #echo "op:".$param['op']." -- aid:".$_SESSION['aid']."remote:".$_SESSION['remote']."REMOTE:".$_SERVER['REMOTE_ADDR']; 401 if (isset($param['op'])) get_magic_quotes_gpc() ? $op=$param['op']:$op=addslashes($param['op']); else $op='ele';401 if (isset($param['op'])) $op=addslashes($param['op']); else $op='ele'; 402 402 //if (isset($param['op'])) $op=$param['op']; else $op='ele'; 403 403 if (isset($_SESSION['aid']) AND $_SESSION['remote']==$_SERVER['REMOTE_ADDR']) { -
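Review bot: On new lines 47-48 and 401, `addslashes()` is now the only treatment applied to `aid`, `pwd` and `op`, and it is not a safe SQL escape: it ignores the connection character set, does nothing for a value used outside a quoted string, and it alters a password containing a quote or backslash before that password is verified. The same pattern repeats in every other file section of this changeset, from controllo_votanti.php through ele_lista.php. The queries that consume these variables are outside the hunks, so this is inferred from the PDO calls visible elsewhere on the page; if the values are interpolated into SQL, keep the raw input and bind it instead, e.g. `$sth=$dbi->prepare("... WHERE <column>=?"); $sth->execute([$aid]);` (assuming `$dbi` is the PDO handle). A request that sends `aid[]=x` also reaches `addslashes()` with an array, which throws a TypeError on PHP 8, so the guard should read `isset($param['aid']) && is_string($param['aid'])`.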
trunk/admin/modules/Elezioni/controllo_votanti.php
r331 r344 37 37 $row = $sth->fetch(PDO::FETCH_BOTH); 38 38 $genere = $row[0]; 39 if (isset($param['ops'])) get_magic_quotes_gpc() ? $ops=$param['ops']:$ops=addslashes($param['ops']); else $ops='';39 if (isset($param['ops'])) $ops=addslashes($param['ops']); else $ops=''; 40 40 if (isset($param['pag'])) $pag=intval($param['pag']); else $pag=0; 41 41 if (isset($param['num_ref'])) $num_ref=intval($param['num_ref']); -
trunk/admin/modules/Elezioni/controllo_voti.php
r331 r344 37 37 include("modules/Elezioni/funzionidata.php"); 38 38 include("modules/Elezioni/ele.php"); 39 if (! get_magic_quotes_gpc()) $magic='addslashes'; else $magic=''; 40 if (isset($param['ops'])) get_magic_quotes_gpc() ? $ops=$param['ops']:$ops=addslashes($param['ops']); else $ops=''; 39 if (isset($param['ops'])) $ops=addslashes($param['ops']); else $ops=''; 41 40 if (isset($param['pag'])) $pag=intval($param['pag']); else $pag=0; 42 41 if (isset($param['num_ref'])) $num_ref=intval($param['num_ref']); -
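Review bot: Old line 39, which set `$magic` to `'addslashes'` or `''`, is dropped without a replacement, and the rest of the file is outside the hunk. If `$magic` is still referenced further down, for instance as a variable function wrapped around a request value, those call sites now run with an undefined variable, so the escaping there is either skipped or fails at runtime. Search this module for remaining uses of `$magic` before merging, and convert any that exist to bound parameters rather than re-adding the variable.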
trunk/admin/modules/Elezioni/ele_affluenze.php
r336 r344 19 19 #$dbi=$_SESSION['dbi']; 20 20 $prefix=$_SESSION['prefix']; 21 $ currentlang=$_SESSION['lang'];21 $language=$_SESSION['lang']; 22 22 $id_cons_gen=$_GET['id_cons_gen']; 23 23 $perms=ChiSei(0); … … 30 30 31 31 if (isset($_GET['min'])) $min=intval($_GET['min']); else $min=0; 32 if (isset($_GET['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';32 if (isset($_GET['do'])) $do=addslashes($param['do']); else $do=''; 33 33 if (isset($_GET['ov'])) $ov=intval($_GET['ov']); else $ov=''; 34 34 if (isset($_GET['mv'])) $mv=intval($_GET['mv']); else $mv=''; … … 36 36 if (isset($_GET['msv'])) $msv=intval($_GET['msv']); else $msv=''; 37 37 if (isset($_GET['av'])) $av=intval($_GET['av']); else $av=''; 38 if (isset($_GET['tipo'])) get_magic_quotes_gpc() ? $tipo=$param['tipo']:$tipo=addslashes($param['tipo']); else $tipo='';39 if (isset($_GET['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok='';40 if (isset($_GET['modello'])) get_magic_quotes_gpc() ? $modello=$param['modello']:$modello=addslashes($param['modello']); else $modello='';38 if (isset($_GET['tipo'])) $tipo=addslashes($param['tipo']); else $tipo=''; 39 if (isset($_GET['ok'])) $ok=addslashes($param['ok']); else $ok=''; 40 if (isset($_GET['modello'])) $modello=addslashes($param['modello']); else $modello=''; 41 41 if (isset($_GET['help'])) $help=intval($_GET['help']); 42 42 -
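Review bot: New lines 32 and 38-40 test `isset($_GET[...])` but read `$param[...]`, so the guard and the read can refer to different arrays. Where `$param` is set as in ele_confcons.php (`$_GET` or `$_POST` depending on the request method), a POST that carries `do` in the query string passes the guard and then hands an unset index to `addslashes()`; whether `$param` is defined at all in this file is not visible in the hunk. Read the array that was tested, e.g. `if (isset($_GET['do'])) $do=addslashes($_GET['do']); else $do='';`. The same mismatch is kept in ele_associazioni.php, ele_circo.php and ele_collegi.php.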
trunk/admin/modules/Elezioni/ele_associazioni.php
r318 r344 39 39 include("modules/Elezioni/funzionidata.php"); 40 40 include("modules/Elezioni/ele.php"); 41 if (isset($_GET['descr_comu'])) get_magic_quotes_gpc() ? $descr_comu=$param['descr_comu']:$descr_comu=addslashes($param['descr_comu']); else $descr_comu='';42 if (isset($_GET['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';41 if (isset($_GET['descr_comu'])) $descr_comu=addslashes($param['descr_comu']); else $descr_comu=''; 42 if (isset($_GET['do'])) $do=addslashes($param['do']); else $do=''; 43 43 if (isset($_GET['ok'])) $ok=intval($_GET['ok']); else $ok=''; 44 44 if (isset($_GET['id_cons_comu'])) $id_cons_comu=intval($_GET['id_cons_comu']); else $id_cons_comu='0'; -
trunk/admin/modules/Elezioni/ele_candidato.php
r338 r344 34 34 include("modules/Elezioni/ele.php"); 35 35 36 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';36 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 37 37 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 38 if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok='';38 if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok=''; 39 39 if (isset($param['id_lista'])) $id_lista=intval($param['id_lista']); else $id_lista=''; 40 40 if (isset($param['id_sez'])) $id_sez=intval($param['id_sez']); else $id_sez=''; … … 45 45 if (isset($param['id_cand2'])) $id_cand2=intval($param['id_cand2']); else $id_cand2=''; 46 46 if (isset($param['num_lista'])) $num_lista=intval($param['num_lista']); else $num_lista=''; 47 if (isset($param['cognome'])) get_magic_quotes_gpc() ? $cognome=$param['cognome']:$cognome=addslashes($param['cognome']); else $cognome='';48 if (isset($param['simbolo'])) get_magic_quotes_gpc() ? $simbolo=$param['simbolo']:$simbolo=addslashes($param['simbolo']); else $simbolo='';49 if (isset($param['nome'])) get_magic_quotes_gpc() ? $nome=$param['nome']:$nome=addslashes($param['nome']); else $nome='';50 if (isset($param['note'])) get_magic_quotes_gpc() ? $note=$param['note']:$note=addslashes($param['note']); else $note='';47 if (isset($param['cognome'])) $cognome=addslashes($param['cognome']); else $cognome=''; 48 if (isset($param['simbolo'])) $simbolo=addslashes($param['simbolo']); else $simbolo=''; 49 if (isset($param['nome'])) $nome=addslashes($param['nome']); else $nome=''; 50 if (isset($param['note'])) $note=addslashes($param['note']); else $note=''; 51 51 if (isset($param['num_cand'])) $num_cand=intval($param['num_cand']); else $num_cand=0; 52 52 -
trunk/admin/modules/Elezioni/ele_circo.php
r257 r344 30 30 include("modules/Elezioni/ele.php"); 31 31 // Offset - visualizza il numero di elementi per pagina 32 if (isset($_GET['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';32 if (isset($_GET['do'])) $do=addslashes($param['do']); else $do=''; 33 33 if (isset($_GET['min'])) $min=intval($_GET['min']); else $min=0; 34 34 if (isset($_GET['id_circ'])) $id_circ=intval($_GET['id_circ']); else $id_circ=''; 35 35 if (isset($_GET['ok'])) $ok=intval($_GET['ok']); else $ok=''; 36 36 if (isset($_GET['num_circ'])) $num_circ=intval($_GET['num_circ']); else $num_circ=''; 37 if (isset($_GET['descr_circ'])) get_magic_quotes_gpc() ? $descr_circ=$param['descr_circ']:$descr_circ=addslashes($param['descr_circ']); else $descr_circ='';37 if (isset($_GET['descr_circ'])) $descr_circ=addslashes($param['descr_circ']); else $descr_circ=''; 38 38 $offset=10; 39 39 $hiddenInfo = "<input type=\"hidden\" name=\"min\" value=\"$min\">"; -
trunk/admin/modules/Elezioni/ele_collegi.php
r257 r344 26 26 27 27 $offset=15; 28 if (isset($_GET['desc'])) get_magic_quotes_gpc() ? $desc=$param['desc']:$desc=addslashes($param['desc']);else $desc='';28 if (isset($_GET['desc'])) $desc=addslashes($param['desc']);else $desc=''; 29 29 if (isset($_GET['id_collegio'])) $id_collegio=intval($_GET['id_collegio']);else $id_collegio=''; 30 30 if (isset($_GET['ok'])) $ok=intval($_GET['ok']); else $ok=''; 31 if (isset($_GET['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']);else $do='';32 if (isset($_GET['op'])) get_magic_quotes_gpc() ? $op=$param['op']:$op=addslashes($param['op']);else $op='';31 if (isset($_GET['do'])) $do=addslashes($param['do']);else $do=''; 32 if (isset($_GET['op'])) $op=addslashes($param['op']);else $op=''; 33 33 34 34 -
trunk/admin/modules/Elezioni/ele_come.php
r257 r344 24 24 25 25 26 if (isset($param['add_title'])) get_magic_quotes_gpc() ? $add_title=$param['add_title']:$add_title=addslashes($param['add_title']); else $add_title='';27 if (isset($param['add_preamble'])) get_magic_quotes_gpc() ? $add_preamble=$param['add_preamble']:$add_preamble=addslashes($param['add_preamble']); else $add_preamble='';28 if (isset($param['add_content'])) get_magic_quotes_gpc() ? $add_content=$param['add_content']:$add_content=addslashes($param['add_content']); else $add_content='';29 if (isset($param['vai'])) get_magic_quotes_gpc() ? $vai=$param['vai']:$vai=addslashes($param['vai']); else $vai='come';30 if (isset($param['mid'])) get_magic_quotes_gpc() ? $mid=$param['mid']:$mid=addslashes($param['mid']); else $mid='';31 if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok='';32 if (isset($param['op'])) get_magic_quotes_gpc() ? $op=$param['op']:$op=addslashes($param['op']); else $op='come';26 if (isset($param['add_title'])) $add_title=addslashes($param['add_title']); else $add_title=''; 27 if (isset($param['add_preamble'])) $add_preamble=addslashes($param['add_preamble']); else $add_preamble=''; 28 if (isset($param['add_content'])) $add_content=addslashes($param['add_content']); else $add_content=''; 29 if (isset($param['vai'])) $vai=addslashes($param['vai']); else $vai='come'; 30 if (isset($param['mid'])) $mid=addslashes($param['mid']); else $mid=''; 31 if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok=''; 32 if (isset($param['op'])) $op=addslashes($param['op']); else $op='come'; 33 33 $tab='_ele_'.$op; 34 34 -
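Review bot: New line 32 passes `op` through `addslashes()` only, and the following line concatenates it into `$tab='_ele_'.$op`. If `$tab` is used as a table name (the queries are outside the hunk), quote escaping gives no protection for an identifier, so `op` should be checked against a fixed list of allowed values before `$tab` is built. For example, add `if (!in_array($op, $allowed_ops, true)) $op='come';` directly after line 32, where `$allowed_ops` is a placeholder for the list of tables this module is meant to edit.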
trunk/admin/modules/Elezioni/ele_comuni.php
r257 r344 23 23 //if ($perms<128 or !$id_cons_gen) die("$perms Non hai i permessi per inserire dati, o non hai scelto la consultazione!"); 24 24 if ($perms!=256) die("$perms Non hai i permessi per inserire dati!"); 25 if (isset($param['desc'])) get_magic_quotes_gpc() ? $desc=$param['desc']:$desc=addslashes($param['desc']); else $desc='';26 if (isset($param['indirizzo'])) get_magic_quotes_gpc() ? $indirizzo=$param['indirizzo']:$indirizzo=addslashes($param['indirizzo']); else $indirizzo='';27 if (isset($param['centralino'])) get_magic_quotes_gpc() ? $centralino=$param['centralino']:$centralino=addslashes($param['centralino']); else $centralino='';28 if (isset($param['fax'])) get_magic_quotes_gpc() ? $fax=$param['fax']:$fax=addslashes($param['fax']); else $fax='';29 if (isset($param['email'])) get_magic_quotes_gpc() ? $email=$param['email']:$email=addslashes($param['email']); else $email='';25 if (isset($param['desc'])) $desc=addslashes($param['desc']); else $desc=''; 26 if (isset($param['indirizzo'])) $indirizzo=addslashes($param['indirizzo']); else $indirizzo=''; 27 if (isset($param['centralino'])) $centralino=addslashes($param['centralino']); else $centralino=''; 28 if (isset($param['fax'])) $fax=addslashes($param['fax']); else $fax=''; 29 if (isset($param['email'])) $email=addslashes($param['email']); else $email=''; 30 30 if (isset($param['id_comune2'])) $id_comune2=intval($param['id_comune2']); else $id_comune2=''; 31 31 if (isset($param['min'])) $min=intval($param['min']); else $min=''; … … 33 33 if (isset($param['fascia'])) $fasciatmp=intval($param['fascia']); else $fasciatmp=0; 34 34 if (isset($param['prov'])) $prov=intval($param['prov']); else $prov=0; 35 if (isset($param['simbolo'])) get_magic_quotes_gpc() ? $simbolo=$param['simbolo']:$simbolo=addslashes($param['simbolo']); else $simbolo='';36 if (isset($param['cerca'])) get_magic_quotes_gpc() ? 
$cerca=$param['cerca']:$cerca=addslashes($param['cerca']); else $cerca='';37 if (isset($param['cap'])) get_magic_quotes_gpc() ? $cap=$param['cap']:$cap=addslashes($param['cap']); else $cap='';35 if (isset($param['simbolo'])) $simbolo=addslashes($param['simbolo']); else $simbolo=''; 36 if (isset($param['cerca'])) $cerca=addslashes($param['cerca']); else $cerca=''; 37 if (isset($param['cap'])) $cap=addslashes($param['cap']); else $cap=''; 38 38 39 39 $sql="SELECT t1.tipo_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_comune='$id_comune' "; … … 265 265 } 266 266 267 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';267 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 268 268 269 269 if ($do) -
trunk/admin/modules/Elezioni/ele_confcons.php
r336 r344 18 18 $aid=$_SESSION['aid']; 19 19 $prefix=$_SESSION['prefix']; 20 $ currentlang=$_SESSION['lang'];20 $language=$_SESSION['lang']; 21 21 $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST; 22 22 $id_cons_gen=$param['id_cons_gen']; … … 33 33 include("modules/Elezioni/ele.php"); 34 34 35 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';35 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 36 36 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 37 if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok=''; 38 if (isset($param['descrizione'])) get_magic_quotes_gpc() ? 39 $descrizione=$param['descrizione']:$descrizione=addslashes($param['descrizione']); else $descrizione=''; 37 if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok=''; 38 if (isset($param['descrizione'])) $descrizione=addslashes($param['descrizione']); else $descrizione=''; 40 39 if (isset($param['id_conf'])) $id_conf=intval($param['id_conf']); else $id_conf=''; 41 if (isset($param['limite'])) get_magic_quotes_gpc() ? $limite=$param['limite']:$limite=addslashes($param['limite']); else $limite='';42 if (isset($param['consin'])) get_magic_quotes_gpc() ? $consin=$param['consin']:$consin=addslashes($param['consin']); else $consin='';43 if (isset($param['infpremio'])) get_magic_quotes_gpc() ? $infpremio=$param['infpremio']:$infpremio=addslashes($param['infpremio']); else $infpremio='';44 if (isset($param['listinfsbar'])) get_magic_quotes_gpc() ? $listinfsbar=$param['listinfsbar']:$listinfsbar=addslashes($param['listinfsbar']); else $listinfsbar='';45 if (isset($param['infminpremio'])) get_magic_quotes_gpc() ? $infminpremio=$param['infminpremio']:$infminpremio=addslashes($param['infminpremio']); else $infminpremio='';46 if (isset($param['listinfconta'])) get_magic_quotes_gpc() ? 
$listinfconta=$param['listinfconta']:$listinfconta=addslashes($param['listinfconta']); else $listinfconta='';47 if (isset($param['suppremio'])) get_magic_quotes_gpc() ? $suppremio=$param['suppremio']:$suppremio=addslashes($param['suppremio']); else $suppremio='';48 if (isset($param['supsbarramento'])) get_magic_quotes_gpc() ? $supsbarramento=$param['supsbarramento']:$supsbarramento=addslashes($param['supsbarramento']); else $supsbarramento='';49 if (isset($param['supminpremio'])) get_magic_quotes_gpc() ? $supminpremio=$param['supminpremio']:$supminpremio=addslashes($param['supminpremio']); else $supminpremio='';50 if (isset($param['listsupconta'])) get_magic_quotes_gpc() ? $listsupconta=$param['listsupconta']:$listsupconta=addslashes($param['listsupconta']); else $listsupconta='';51 #if (isset($param['infdisgiunto'])) get_magic_quotes_gpc() ? $infdisgiunto=$param['infdisgiunto']:$infdisgiunto=addslashes($param['infdisgiunto']); else $infdisgiunto='';52 #if (isset($param['supdisgiunto'])) get_magic_quotes_gpc() ? 
$supdisgiunto=$param['supdisgiunto']:$supdisgiunto=addslashes($param['supdisgiunto']); else $supdisgiunto='';40 if (isset($param['limite'])) $limite=addslashes($param['limite']); else $limite=''; 41 if (isset($param['consin'])) $consin=addslashes($param['consin']); else $consin=''; 42 if (isset($param['infpremio'])) $infpremio=addslashes($param['infpremio']); else $infpremio=''; 43 if (isset($param['listinfsbar'])) $listinfsbar=addslashes($param['listinfsbar']); else $listinfsbar=''; 44 if (isset($param['infminpremio'])) $infminpremio=addslashes($param['infminpremio']); else $infminpremio=''; 45 if (isset($param['listinfconta'])) $listinfconta=addslashes($param['listinfconta']); else $listinfconta=''; 46 if (isset($param['suppremio'])) $suppremio=addslashes($param['suppremio']); else $suppremio=''; 47 if (isset($param['supsbarramento'])) $supsbarramento=addslashes($param['supsbarramento']); else $supsbarramento=''; 48 if (isset($param['supminpremio'])) $supminpremio=addslashes($param['supminpremio']); else $supminpremio=''; 49 if (isset($param['listsupconta'])) $listsupconta=addslashes($param['listsupconta']); else $listsupconta=''; 50 #if (isset($param['infdisgiunto'])) $infdisgiunto=addslashes($param['infdisgiunto']); else $infdisgiunto=''; 51 #if (isset($param['supdisgiunto'])) $supdisgiunto=addslashes($param['supdisgiunto']); else $supdisgiunto=''; 53 52 if (isset($param['help'])) $help=intval($param['help']); 54 53 … … 57 56 /*****************************************************/ 58 57 function all() { 59 global $tipo_cons,$param, $currentlang,$bgcolor1, $bgcolor2, $prefix, $dbi, $offset, $min, $id_cons,$id_cons_gen,$id_comune,$do,$id_conf, $language,$help;58 global $tipo_cons,$param, $bgcolor1, $bgcolor2, $prefix, $dbi, $offset, $min, $id_cons,$id_cons_gen,$id_comune,$do,$id_conf, $language,$help; 60 59 61 60 if (isset($help)) include("language/$language/ele_confcons.html"); -
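Review bot: New line 20 assigns `$language` from `$_SESSION['lang']`, and `all()` uses that global in `include("language/$language/ele_confcons.html")`, so the included path now depends on the session value. Where `$_SESSION['lang']` is written is not visible on this page; if a request parameter can influence it, the include becomes a file-inclusion path, so constrain the value before use, e.g. `if (!preg_match('/^[A-Za-z_]+\z/', $language)) $language=$default_language;` with `$default_language` as a placeholder for the project's real default. The same assignment is added in ele_affluenze.php, ele_configurazione.php and ele_cons_comuni.php.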
trunk/admin/modules/Elezioni/ele_configurazione.php
r336 r344 18 18 $aid=$_SESSION['aid']; 19 19 $prefix=$_SESSION['prefix']; 20 $ currentlang=$_SESSION['lang'];20 $language=$_SESSION['lang']; 21 21 $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST; 22 22 $id_cons_gen=$param['id_cons_gen']; … … 31 31 if(isset($row[0])) {$tipo_cons=$row[0];$id_cons=$row[1];} else {$tipo_cons=0; $id_cons=0;} 32 32 33 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';33 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 34 34 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 35 if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok=''; 36 if (isset($param['blocco'])) get_magic_quotes_gpc() ? 37 $blocco=$param['blocco']:$blocco=addslashes($param['blocco']); else $blocco=''; 38 if (isset($param['tema2'])) get_magic_quotes_gpc() ? $tema2=$param['tema2']:$tema2=addslashes($param['tema2']); else $tema2=''; 39 if (isset($param['multicomune'])) get_magic_quotes_gpc() ? $multicomune=$param['multicomune']:$multicomune=addslashes($param['multicomune']); else $multicomune=''; 40 if (isset($param['fileout'])) get_magic_quotes_gpc() ? $fileout=$param['fileout']:$fileout=addslashes($param['fileout']); else $fileout=''; 41 if (isset($param['prefix2'])) get_magic_quotes_gpc() ? $prefix2=$param['prefix2']:$prefix2=addslashes($param['prefix2']); else $prefix2=''; 42 if (isset($param['adminmail'])) get_magic_quotes_gpc() ? $adminmail=$param['adminmail']:$adminmail=addslashes($param['adminmail']); else $adminmail=''; 43 if (isset($param['siteurl'])) get_magic_quotes_gpc() ? $siteurl=$param['siteurl']:$siteurl=addslashes($param['siteurl']); else $siteurl=''; 44 if (isset($param['sitename'])) get_magic_quotes_gpc() ? $sitename=$param['sitename']:$sitename=addslashes($param['sitename']); else $sitename=''; 45 if (isset($param['siteistat'])) get_magic_quotes_gpc() ? 
$siteistat=$param['siteistat']:$siteistat=addslashes($param['siteistat']); else $siteistat=''; 46 if (isset($param['language2'])) get_magic_quotes_gpc() ? $language2=$param['language2']:$language2=addslashes($param['language2']); else $language2=''; 47 if (isset($param['flash2'])) get_magic_quotes_gpc() ? $flash2=$param['flash2']:$flash2=addslashes($param['flash2']); else $flash2=''; 35 if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok=''; 36 if (isset($param['blocco'])) $blocco=addslashes($param['blocco']); else $blocco=''; 37 if (isset($param['tema2'])) $tema2=addslashes($param['tema2']); else $tema2=''; 38 if (isset($param['multicomune'])) $multicomune=addslashes($param['multicomune']); else $multicomune=''; 39 if (isset($param['fileout'])) $fileout=addslashes($param['fileout']); else $fileout=''; 40 if (isset($param['prefix2'])) $prefix2=addslashes($param['prefix2']); else $prefix2=''; 41 if (isset($param['adminmail'])) $adminmail=addslashes($param['adminmail']); else $adminmail=''; 42 if (isset($param['siteurl'])) $siteurl=addslashes($param['siteurl']); else $siteurl=''; 43 if (isset($param['sitename'])) $sitename=addslashes($param['sitename']); else $sitename=''; 44 if (isset($param['siteistat'])) $siteistat=addslashes($param['siteistat']); else $siteistat=''; 45 if (isset($param['language2'])) $language2=addslashes($param['language2']); else $language2=''; 46 if (isset($param['flash2'])) $flash2=addslashes($param['flash2']); else $flash2=''; 48 47 if (isset($param['displayerrors'])) $displayerrors=intval($param['displayerrors']); else $displayerrors='0'; 49 48 50 if (isset($param['gkey'])) get_magic_quotes_gpc() ? $gkey=$param['gkey']:$gkey=addslashes($param['gkey']); else $gkey='';51 if (isset($param['ed_user'])) get_magic_quotes_gpc() ? 
$ed_user=$param['ed_user']:$ed_user=addslashes($param['ed_user']); else $ed_user='';49 if (isset($param['gkey'])) $gkey=addslashes($param['gkey']); else $gkey=''; 50 if (isset($param['ed_user'])) $ed_user=addslashes($param['ed_user']); else $ed_user=''; 52 51 if (isset($param['googlemaps'])) $googlemaps=intval($param['googlemaps']); else $googlemaps='0'; 53 52 if (isset($param['editor'])) $editor=intval($param['editor']); else $editor='0'; … … 61 60 /*****************************************************/ 62 61 function all() { 63 global $tipo_cons,$param, $currentlang,$bgcolor1, $bgcolor2, $prefix, $prefix2, $dbi, $offset, $min, $id_cons,$id_cons_gen,$id_comune,$do,$tema,$language,$help;62 global $tipo_cons,$param, $bgcolor1, $bgcolor2, $prefix, $prefix2, $dbi, $offset, $min, $id_cons,$id_cons_gen,$id_comune,$do,$tema,$language,$help; 64 63 global $gkey,$ed_user,$googlemaps,$editor,$tema_on; 65 64 -
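Review bot: New line 40 escapes `prefix2` with `addslashes()` only, yet `$prefix2` sits next to `$prefix` in `all()`'s global list, and `$prefix` is concatenated into table names elsewhere in this changeset (`$prefix."_ele_consultazione"` in ele_comuni.php). How `$prefix2`, `$fileout` and `$tema2` are used is outside the hunk; if any of them ends up as a table prefix, a file name or a directory name, it needs a character allowlist rather than quote escaping. For the prefix that could be `if (!preg_match('/^[A-Za-z0-9_]*\z/', $prefix2)) $prefix2='';`.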
trunk/admin/modules/Elezioni/ele_cons_comuni.php
r304 r344 21 21 $id_cons_gen=$_GET['id_cons_gen']; 22 22 $id_comune=$_SESSION['id_comune']; 23 $language=$_SESSION['lang']; 23 24 $perms=ChiSei(0); 24 25 if ($perms<64 or !$id_cons_gen) die("Non hai i permessi per inserire dati, o non hai scelto la consultazione!"); … … 29 30 include("modules/Elezioni/funzionidata.php"); 30 31 include("modules/Elezioni/ele.php"); 31 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';32 if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok='';32 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 33 if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok=''; 33 34 if (isset($param['id_cons2'])) $id_cons2=intval($param['id_cons2']); else $id_cons2=''; 34 35 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 35 36 if (isset($param['duplica'])) $duplica=intval($param['duplica']); else $duplica=''; 36 if (isset($param['elettori'])) get_magic_quotes_gpc() ? $elettori=$param['elettori']:$elettori=addslashes($param['elettori']); else $elettori='';37 if (isset($param['elettori'])) $elettori=addslashes($param['elettori']); else $elettori=''; 37 38 if (isset($param['predefinita'])) $predefinita=intval($param['predefinita']); else $predefinita=''; 38 39 if (isset($param['help'])) $help=intval($param['help']); -
trunk/admin/modules/Elezioni/ele_consultazioni.php
r336 r344 22 22 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 23 23 if (isset($param['ok'])) $ok=intval($param['ok']); else $ok=0; 24 if (isset($param['data_in'])) get_magic_quotes_gpc() ? $data_in=$param['data_in']:$data_in=addslashes($param['data_in']); else $data_in='';25 if (isset($param['data_fine'])) get_magic_quotes_gpc() ? $data_fine=$param['data_fine']:$data_fine=addslashes($param['data_fine']); else $data_fine='';26 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';24 if (isset($param['data_in'])) $data_in=addslashes($param['data_in']); else $data_in=''; 25 if (isset($param['data_fine'])) $data_fine=addslashes($param['data_fine']); else $data_fine=''; 26 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 27 27 if (isset($param['dig'])) $dig=intval($param['dig']); else $dig=date("d",time()); 28 28 if (isset($param['dim'])) $dim=intval($param['dim']); else $dim=date("m",time()); … … 32 32 if (isset($param['dfa'])) $dfa=intval($param['dfa']); else $dfa=date("Y",time()); 33 33 if (isset($param['duplica'])) $duplica=intval($param['duplica']); else $duplica=''; 34 if (isset($param['referendum'])) get_magic_quotes_gpc() ? $referendum=$param['referendum']:$referendum=addslashes($param['referendum']); else $referendum='';35 if (isset($param['liste'])) get_magic_quotes_gpc() ? $liste=$param['liste']:$liste=addslashes($param['liste']); else $liste='';36 if (isset($param['gruppi'])) get_magic_quotes_gpc() ? $gruppi=$param['gruppi']:$gruppi=addslashes($param['gruppi']); else $gruppi='';37 if (isset($param['votigruppo'])) get_magic_quotes_gpc() ? $votigruppo=$param['votigruppo']:$votigruppo=addslashes($param['votigruppo']); else $votigruppo='';38 if (isset($param['votilista'])) get_magic_quotes_gpc() ? $votilista=$param['votilista']:$votilista=addslashes($param['votilista']); else $votilista='';39 if (isset($param['voticandi'])) get_magic_quotes_gpc() ? 
$voticandi=$param['voticandi']:$voticandi=addslashes($param['voticandi']); else $voticandi='';40 if (isset($param['ballo'])) get_magic_quotes_gpc() ? $ballo=$param['ballo']:$ballo=addslashes($param['ballo']); else $ballo='';41 if (isset($param['circo'])) get_magic_quotes_gpc() ? $circo=$param['circo']:$circo=addslashes($param['circo']); else $circo='';42 if (isset($param['descr_cons2'])) get_magic_quotes_gpc() ? $descr_cons2=$param['descr_cons2']:$descr_cons2=addslashes($param['descr_cons2']); else $descr_cons2='';43 if (isset($param['tipocons'])) get_magic_quotes_gpc() ? $tipocons=$param['tipocons']:$tipocons=addslashes($param['tipocons']); else $tipocons=$tipo_cons;34 if (isset($param['referendum'])) $referendum=addslashes($param['referendum']); else $referendum=''; 35 if (isset($param['liste'])) $liste=addslashes($param['liste']); else $liste=''; 36 if (isset($param['gruppi'])) $gruppi=addslashes($param['gruppi']); else $gruppi=''; 37 if (isset($param['votigruppo'])) $votigruppo=addslashes($param['votigruppo']); else $votigruppo=''; 38 if (isset($param['votilista'])) $votilista=addslashes($param['votilista']); else $votilista=''; 39 if (isset($param['voticandi'])) $voticandi=addslashes($param['voticandi']); else $voticandi=''; 40 if (isset($param['ballo'])) $ballo=addslashes($param['ballo']); else $ballo=''; 41 if (isset($param['circo'])) $circo=addslashes($param['circo']); else $circo=''; 42 if (isset($param['descr_cons2'])) $descr_cons2=addslashes($param['descr_cons2']); else $descr_cons2=''; 43 if (isset($param['tipocons'])) $tipocons=addslashes($param['tipocons']); else $tipocons=$tipo_cons; 44 44 if (isset($param['help'])) $help=intval($param['help']); 45 45 $id_comune=$_SESSION['id_comune']; -
trunk/admin/modules/Elezioni/ele_consultazionitipi.php
r257 r344 27 27 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 28 28 if (isset($param['ok'])) $ok=intval($param['ok']); else $ok=0; 29 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';30 if (isset($param['referendum'])) get_magic_quotes_gpc() ? $referendum=$param['referendum']:$referendum=addslashes($param['referendum']); else $referendum='';31 if (isset($param['liste'])) get_magic_quotes_gpc() ? $liste=$param['liste']:$liste=addslashes($param['liste']); else $liste='';32 if (isset($param['gruppi'])) get_magic_quotes_gpc() ? $gruppi=$param['gruppi']:$gruppi=addslashes($param['gruppi']); else $gruppi='';33 if (isset($param['votigruppo'])) get_magic_quotes_gpc() ? $votigruppo=$param['votigruppo']:$votigruppo=addslashes($param['votigruppo']); else $votigruppo='';34 if (isset($param['votilista'])) get_magic_quotes_gpc() ? $votilista=$param['votilista']:$votilista=addslashes($param['votilista']); else $votilista='';35 if (isset($param['voticandi'])) get_magic_quotes_gpc() ? $voticandi=$param['voticandi']:$voticandi=addslashes($param['voticandi']); else $voticandi='';36 if (isset($param['ballo'])) get_magic_quotes_gpc() ? $ballo=$param['ballo']:$ballo=addslashes($param['ballo']); else $ballo='';37 if (isset($param['circo'])) get_magic_quotes_gpc() ? $circo=$param['circo']:$circo=addslashes($param['circo']); else $circo='';38 if (isset($param['descr_cons2'])) get_magic_quotes_gpc() ? $descr_cons2=$param['descr_cons2']:$descr_cons2=addslashes($param['descr_cons2']); else $descr_cons2='';39 if (isset($param['tipocons'])) get_magic_quotes_gpc() ? 
$tipocons=$param['tipocons']:$tipocons=addslashes($param['tipocons']); else $tipocons=$tipo_cons;29 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 30 if (isset($param['referendum'])) $referendum=addslashes($param['referendum']); else $referendum=''; 31 if (isset($param['liste'])) $liste=addslashes($param['liste']); else $liste=''; 32 if (isset($param['gruppi'])) $gruppi=addslashes($param['gruppi']); else $gruppi=''; 33 if (isset($param['votigruppo'])) $votigruppo=addslashes($param['votigruppo']); else $votigruppo=''; 34 if (isset($param['votilista'])) $votilista=addslashes($param['votilista']); else $votilista=''; 35 if (isset($param['voticandi'])) $voticandi=addslashes($param['voticandi']); else $voticandi=''; 36 if (isset($param['ballo'])) $ballo=addslashes($param['ballo']); else $ballo=''; 37 if (isset($param['circo'])) $circo=addslashes($param['circo']); else $circo=''; 38 if (isset($param['descr_cons2'])) $descr_cons2=addslashes($param['descr_cons2']); else $descr_cons2=''; 39 if (isset($param['tipocons'])) $tipocons=addslashes($param['tipocons']); else $tipocons=$tipo_cons; 40 40 if (isset($param['help'])) $help=intval($param['help']); 41 41 -
trunk/admin/modules/Elezioni/ele_gruppo.php
r257 r344 32 32 include("modules/Elezioni/ele.php"); 33 33 34 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';34 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 35 35 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 36 36 if (isset($param['id_sede'])) $id_sede=intval($param['id_sede']); else $id_sede=''; 37 if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok='';37 if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok=''; 38 38 if (isset($param['id_circ'])) {$id_circ=intval($param['id_circ']); $_SESSION['id_circ']=$id_circ;} else 39 39 if (isset($_SESSION['id_circ'])) $id_circ=intval($_SESSION['id_circ']); else $id_circ=''; 40 40 if (isset($param['id_gruppo'])) $id_gruppo=intval($param['id_gruppo']); else $id_gruppo=''; 41 41 if (isset($param['num_gruppo'])) $num_gruppo=intval($param['num_gruppo']); else $num_gruppo=''; 42 if (isset($param['descr_gruppo'])) get_magic_quotes_gpc() ? $descr_gruppo=$param['descr_gruppo']:$descr_gruppo=addslashes($param['descr_gruppo']); else $descr_gruppo='';43 if (isset($param['simbolo'])) get_magic_quotes_gpc() ? $simbolo=$param['simbolo']:$simbolo=addslashes($param['simbolo']); else $simbolo='';44 if (isset($param['delsimb'])) get_magic_quotes_gpc() ? $delsimb=$param['delsimb']:$delsimb=addslashes($param['delsimb']);45 if (isset($param['delprog'])) get_magic_quotes_gpc() ? 
$delprog=$param['delprog']:$delprog=addslashes($param['delprog']);42 if (isset($param['descr_gruppo'])) $descr_gruppo=addslashes($param['descr_gruppo']); else $descr_gruppo=''; 43 if (isset($param['simbolo'])) $simbolo=addslashes($param['simbolo']); else $simbolo=''; 44 if (isset($param['delsimb'])) $delsimb=addslashes($param['delsimb']); 45 if (isset($param['delprog'])) $delprog=addslashes($param['delprog']); 46 46 /******************************************************/ 47 47 /*Funzione di visualizzazione globale */ -
trunk/admin/modules/Elezioni/ele_lista.php
r338 r344 26 26 include("modules/Elezioni/funzionidata.php"); 27 27 include("modules/Elezioni/ele.php"); 28 if (isset($param['mex'])) get_magic_quotes_gpc() ? $mex=$param['mex']:$mex=addslashes($param['mex']); else $mex='';29 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';28 if (isset($param['mex'])) $mex=addslashes($param['mex']); else $mex=''; 29 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 30 30 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 31 if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok='';31 if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok=''; 32 32 if (isset($param['id_lista'])) $id_lista=intval($param['id_lista']); else $id_lista=0; 33 33 if (isset($param['id_circ'])) {$id_circ=intval($param['id_circ']); $_SESSION['id_circ']=$id_circ;} else … … 36 36 if (isset($param['id_gruppo2'])) $id_gruppo2=intval($param['id_gruppo2']); else $id_gruppo2=0; 37 37 if (isset($param['num_lista'])) $num_lista=intval($param['num_lista']); else $num_lista=0; 38 if (isset($param['descr_lista'])) get_magic_quotes_gpc() ? $descr_lista=$param['descr_lista']:$descr_lista=addslashes($param['descr_lista']); else $descr_lista='';39 if (isset($param['simbolo'])) get_magic_quotes_gpc() ? $simbolo=$param['simbolo']:$simbolo=addslashes($param['simbolo']); else $simbolo='';40 if (isset($param['stemma'])) get_magic_quotes_gpc() ? $stemma=$param['stemma']:$stemma=addslashes($param['stemma']); else $stemma='';38 if (isset($param['descr_lista'])) $descr_lista=addslashes($param['descr_lista']); else $descr_lista=''; 39 if (isset($param['simbolo'])) $simbolo=addslashes($param['simbolo']); else $simbolo=''; 40 if (isset($param['stemma'])) $stemma=addslashes($param['stemma']); else $stemma=''; 41 41 42 42 // Offset - visualizza il numero di elementi per pagina -
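Review bot: `addslashes()` remains the only treatment of the string parameters in this section (`mex`, `do`, `ok`, `descr_lista`, `simbolo`, `stemma`), and it is neither charset-aware SQL escaping nor HTML escaping. Other files on this page already go through PDO (`$res->execute()`, `fetch(PDO::FETCH_NUM)`), so the safer pattern is to keep the raw value, e.g. `$descr_lista = $param['descr_lista'] ?? '';`, bind it as a statement parameter, and apply `htmlspecialchars($descr_lista, ENT_QUOTES, 'UTF-8')` where it is echoed. For `do`, which looks like an action selector, comparing against a fixed list of allowed values would be tighter than escaping. How these variables reach queries or output is outside the visible lines, so each use needs confirming. The same applies to the string parameters in ele_permessi.php, ele_sede.php, ele_sezione.php and ele_widget.php.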
trunk/admin/modules/Elezioni/ele_operatori.php
r332 r344 19 19 $res->execute(); 20 20 list($tipo_cons,$id_cons) = $res->fetch(PDO::FETCH_NUM); 21 if (isset($_GET['aid2'])) get_magic_quotes_gpc() ? $aid2=$param['aid2']:$aid2=addslashes($param['aid2']); else {if ($perms==256) $aid2='admin'; else $aid2='';}21 if (isset($_GET['aid2'])) $aid2=addslashes($param['aid2']); else {if ($perms==256) $aid2='admin'; else $aid2='';} 22 22 if (isset($_GET['id_sede'])) $id_sede=intval($_GET['id_sede']); else $id_sede=''; 23 if (isset($_GET['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';24 if (isset($_GET['name'])) get_magic_quotes_gpc() ? $name=$param['name']:$name=addslashes($param['name']); else $name='';25 if (isset($_GET['email'])) get_magic_quotes_gpc() ? $email=$param['email']:$email=addslashes($param['email']); else $email='';26 if (isset($_GET['passwd'])) get_magic_quotes_gpc() ? $passwd=$param['passwd']:$passwd=addslashes($param['passwd']); else $passwd='';27 if (isset($_GET['passwd2'])) get_magic_quotes_gpc() ? $passwd2=$param['passwd2']:$passwd2=addslashes($param['passwd2']); else $passwd2='';23 if (isset($_GET['do'])) $do=addslashes($param['do']); else $do=''; 24 if (isset($_GET['name'])) $name=addslashes($param['name']); else $name=''; 25 if (isset($_GET['email'])) $email=addslashes($param['email']); else $email=''; 26 if (isset($_GET['passwd'])) $passwd=addslashes($param['passwd']); else $passwd=''; 27 if (isset($_GET['passwd2'])) $passwd2=addslashes($param['passwd2']); else $passwd2=''; 28 28 29 29 include("modules/Elezioni/funzionidata.php"); -
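Review bot: The tests here still read `isset($_GET['aid2'])`, `isset($_GET['do'])`, `isset($_GET['name'])` and so on, while the values are taken from `$param`, which other files on this page set to `$_POST` for non-GET requests. If that holds here, a POST carrying the key only in the query string passes the test and then reads an undefined `$param` index, and a value sent in the POST body is never picked up. This commit makes exactly that correction in ele_voti.php (`isset($param['do'])`). The same change is needed on these lines, e.g. `if (isset($param['do'])) $do=addslashes($param['do']); else $do='';`, and on the `aid2` line of ele_operatori_admin.php.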
trunk/admin/modules/Elezioni/ele_operatori_admin.php
r336 r344 24 24 $perms=ChiSei(0); 25 25 if ($perms!=256) die("Non hai i permessi per inserire dati!"); 26 if (isset($_GET['aid2'])) get_magic_quotes_gpc() ? $aid2=$param['aid2']:$aid2=addslashes($param['aid2']); else $aid2='';26 if (isset($_GET['aid2'])) $aid2=addslashes($param['aid2']); else $aid2=''; 27 27 if (isset($_GET['id_sede'])) $id_sede=intval($_GET['id_sede']); else $id_sede=''; 28 28 if (isset($_GET['id_comune2'])) $id_comune2=intval($_GET['id_comune2']); else $id_comune2=''; -
trunk/admin/modules/Elezioni/ele_permessi.php
r333 r344 23 23 $res->execute(); 24 24 list($tipo_cons,$id_cons) = $res->fetch(PDO::FETCH_NUM); 25 if (isset($param['aid2'])) get_magic_quotes_gpc() ? $aid2=$param['aid2']:$aid2=addslashes($param['aid2']); else $aid2='';25 if (isset($param['aid2'])) $aid2=addslashes($param['aid2']); else $aid2=''; 26 26 if (isset($param['id_sede'])) $id_sede=intval($param['id_sede']); else $id_sede=''; 27 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';28 if (isset($param['permessi'])) get_magic_quotes_gpc() ? $permessi=$param['permessi']:$permessi=addslashes($param['permessi']); else $permessi='';27 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 28 if (isset($param['permessi'])) $permessi=addslashes($param['permessi']); else $permessi=''; 29 29 if (isset($param['id_comune2'])) $id_comune2=intval($param['id_comune2']); else $id_comune2=''; 30 30 if (isset($param['ok'])) $ok=intval($param['ok']); else $ok=''; 31 if (isset($param['mex'])) get_magic_quotes_gpc() ? $mex=$param['mex']:$mex=addslashes($param['mex']); else $mex='';31 if (isset($param['mex'])) $mex=addslashes($param['mex']); else $mex=''; 32 32 33 33 include("modules/Elezioni/funzionidata.php"); -
trunk/admin/modules/Elezioni/ele_pwd.php
r257 r344 25 25 26 26 27 if (isset($param['pwd1'])) get_magic_quotes_gpc() ? $pwd1=$param['pwd1']:$pwd1=addslashes($param['pwd1']); else $pwd1='';28 if (isset($param['pwd2'])) get_magic_quotes_gpc() ? $pwd2=$param['pwd2']:$pwd2=addslashes($param['pwd2']); else $pwd2='';29 if (isset($param['oldpwd'])) get_magic_quotes_gpc() ? $oldpwd=$param['oldpwd']:$oldpwd=addslashes($param['oldpwd']); else $oldpwd='';30 if (isset($param['op'])) get_magic_quotes_gpc() ? $op=$param['op']:$op=addslashes($param['op']); else $op='cambiopwd';27 if (isset($param['pwd1'])) $pwd1=addslashes($param['pwd1']); else $pwd1=''; 28 if (isset($param['pwd2'])) $pwd2=addslashes($param['pwd2']); else $pwd2=''; 29 if (isset($param['oldpwd'])) $oldpwd=addslashes($param['oldpwd']); else $oldpwd=''; 30 if (isset($param['op'])) $op=addslashes($param['op']); else $op='cambiopwd'; 31 31 if (isset($param['mex'])) $mex=intval($param['mex']); else $mex=''; 32 32 -
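Review bot: `pwd1`, `pwd2` and `oldpwd` are passed through `addslashes()`, which changes any password containing a quote, backslash or NUL byte before it is compared or hashed. Secrets should be taken verbatim (`$pwd1 = $param['pwd1'] ?? '';`), checked with `password_verify()`, stored with `password_hash()`, and sent to the database only as bound parameters. The hashing and storage code is outside this hunk, so confirm whether existing stored hashes were computed over the escaped form before changing this. The `passwd` and `passwd2` lines in ele_operatori.php have the same issue.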
trunk/admin/modules/Elezioni/ele_riepilogo.php
r328 r344 36 36 include("modules/Elezioni/funzionidata.php"); 37 37 include("modules/Elezioni/ele.php"); 38 if (! get_magic_quotes_gpc()) $magic='addslashes'; else $magic=''; 39 if (isset($param['ops'])) get_magic_quotes_gpc() ? $ops=$param['ops']:$ops=addslashes($param['ops']); else $ops='';38 39 if (isset($param['ops'])) $ops=addslashes($param['ops']); else $ops=''; 40 40 if (isset($param['pag'])) $pag=intval($param['pag']); else $pag=0; 41 41 if (isset($param['num_ref'])) $num_ref=intval($param['num_ref']); -
trunk/admin/modules/Elezioni/ele_riepilogovoti.php
r315 r344 36 36 include("modules/Elezioni/funzionidata.php"); 37 37 include("modules/Elezioni/ele.php"); 38 if (! get_magic_quotes_gpc()) $magic='addslashes'; else $magic=''; 39 if (isset($param['ops'])) get_magic_quotes_gpc() ? $ops=$param['ops']:$ops=addslashes($param['ops']); else $ops=''; 38 if (isset($param['ops'])) $ops=addslashes($param['ops']); else $ops=''; 40 39 if (isset($param['pag'])) $pag=intval($param['pag']); else $pag=0; 41 40 if (isset($param['num_ref'])) $num_ref=intval($param['num_ref']); -
trunk/admin/modules/Elezioni/ele_sede.php
r258 r344 30 30 include("modules/Elezioni/funzionidata.php"); 31 31 include("modules/Elezioni/ele.php"); 32 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';33 if (isset($param['descr_circ'])) get_magic_quotes_gpc() ? $descr_circ=$param['descr_circ']:$descr_circ=addslashes($param['descr_circ']); else $descr_circ='';32 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 33 if (isset($param['descr_circ'])) $descr_circ=addslashes($param['descr_circ']); else $descr_circ=''; 34 34 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 35 35 if (isset($param['id_sede'])) $id_sede=intval($param['id_sede']); else $id_sede=''; … … 38 38 if (isset($param['id_circ'])) $id_circ=intval($param['id_circ']); else $id_circ=''; 39 39 if (isset($param['id_sede2'])) $id_sede2=intval($param['id_sede2']); else $id_sede2=''; 40 if (isset($param['indir'])) get_magic_quotes_gpc() ? $indir=$param['indir']:$indir=addslashes($param['indir']); else $indir='';41 if (isset($param['tel1'])) get_magic_quotes_gpc() ? $tel1=$param['tel1']:$tel1=addslashes($param['tel1']); else $tel1='';42 if (isset($param['tel2'])) get_magic_quotes_gpc() ? $tel2=$param['tel2']:$tel2=addslashes($param['tel2']); else $tel2='';43 if (isset($param['fax'])) get_magic_quotes_gpc() ? $fax=$param['fax']:$fax=addslashes($param['fax']); else $fax='';44 if (isset($param['resp'])) get_magic_quotes_gpc() ? $resp=$param['resp']:$resp=addslashes($param['resp']); else $resp='';45 if (isset($param['filemappa'])) get_magic_quotes_gpc() ? $filemappa=$param['filemappa']:$filemappa=addslashes($param['filemappa']); else $filemappa='';46 if (isset($param['mappa'])) get_magic_quotes_gpc() ? 
$mappa=$param['mappa']:$mappa=addslashes($param['mappa']); else $mappa='';40 if (isset($param['indir'])) $indir=addslashes($param['indir']); else $indir=''; 41 if (isset($param['tel1'])) $tel1=addslashes($param['tel1']); else $tel1=''; 42 if (isset($param['tel2'])) $tel2=addslashes($param['tel2']); else $tel2=''; 43 if (isset($param['fax'])) $fax=addslashes($param['fax']); else $fax=''; 44 if (isset($param['resp'])) $resp=addslashes($param['resp']); else $resp=''; 45 if (isset($param['filemappa'])) $filemappa=addslashes($param['filemappa']); else $filemappa=''; 46 if (isset($param['mappa'])) $mappa=addslashes($param['mappa']); else $mappa=''; 47 47 48 48 -
trunk/admin/modules/Elezioni/ele_sezione.php
r260 r344 22 22 $res->execute(); 23 23 list($tipo_cons,$id_cons) = $res->fetch(PDO::FETCH_NUM); 24 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';24 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 25 25 if (isset($param['id_sede'])) $id_sede=intval($param['id_sede']); else $id_sede=''; 26 26 if (isset($param['min'])) $min=intval($param['min']); else $min=0; -
trunk/admin/modules/Elezioni/ele_voti.php
r342 r344 23 23 $perms=ChiSei($id_cons_gen); 24 24 if ($perms<16 or !$id_cons_gen) die("Non hai i permessi per inserire dati, o non hai scelto la consultazione!"); 25 if (isset($ _GET['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';25 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 26 26 //if (isset($param['id_cons'])) $id_cons=intval($param['id_cons']); else $id_cons=''; 27 27 if (isset($param['ops'])) $ops=intval($param['ops']); else $ops=''; -
trunk/admin/modules/Elezioni/ele_widget.php
r336 r344 31 31 if(isset($row[0])) {$tipo_cons=$row[0];$id_cons=$row[1];} else {$tipo_cons=0; $id_cons=0;} 32 32 33 if (isset($param['do'])) get_magic_quotes_gpc() ? $do=$param['do']:$do=addslashes($param['do']); else $do='';33 if (isset($param['do'])) $do=addslashes($param['do']); else $do=''; 34 34 if (isset($param['min'])) $min=intval($param['min']); else $min=0; 35 if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok='';35 if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok=''; 36 36 if (isset($param['idw'])) $idw=intval($param['idw']); else $idw=''; 37 if (isset($param['nome_file'])) get_magic_quotes_gpc() ? 38 $nome_file=$param['nome_file']:$nome_file=addslashes($param['nome_file']); else $nome_file=''; 39 if (isset($param['titolo'])) get_magic_quotes_gpc() ? 40 $titolo=$param['titolo']:$titolo=addslashes($param['titolo']); else $titolo=''; 37 if (isset($param['nome_file'])) $nome_file=addslashes($param['nome_file']); else $nome_file=''; 38 if (isset($param['titolo'])) $titolo=addslashes($param['titolo']); else $titolo=''; 41 39 if (isset($param['pos_or'])) $pos_or=intval($param['pos_or']); else $pos_or=''; 42 40 if (isset($param['pos_ver'])) $pos_ver=intval($param['pos_ver']); else $pos_ver=''; -
trunk/admin/modules/Elezioni/importa.php
r336 r344 15 15 $perms=ChiSei(0); 16 16 if ($perms<32) die("Non hai i permessi per effettuare questa operazione!"); 17 17 $language=$_SESSION['lang']; 18 18 $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST; 19 19 $id_cons_gen=intval($param['id_cons_gen']); 20 if (isset($param['datafile'])) get_magic_quotes_gpc() ? $datafile=$param['datafile']:$datafile=addslashes($param['datafile']); else $datafile='';20 if (isset($param['datafile'])) $datafile=addslashes($param['datafile']); else $datafile=''; 21 21 include("modules/Elezioni/ele.php"); 22 22 -
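Review bot: `datafile` is a file name taken from the request and only escaped with `addslashes()`, which does nothing to restrict directory components or absolute paths. If it is later used to open or include a file (that code is outside the hunk), reduce it with `basename()` and check the result against the directory and extension the import expects before use. The context line `$id_cons_gen=intval($param['id_cons_gen']);` also reads the index without an `isset()` test, unlike the lines around it. restore.php takes `datafile` the same way.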
trunk/admin/modules/Elezioni/restore.php
r336 r344 17 17 18 18 $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST; 19 if (isset($param['datafile'])) get_magic_quotes_gpc() ? $datafile=$param['datafile']:$datafile=addslashes($param['datafile']); else $datafile='';19 if (isset($param['datafile'])) $datafile=addslashes($param['datafile']); else $datafile=''; 20 20 include("modules/Elezioni/ele.php"); 21 21 ele(); -
trunk/admin/modules/Elezioni/salva_aff.php
r307 r344 33 33 if (isset($_GET['voti_d'])) $voti_d=intval($_GET['voti_d']); else $voti_d='0'; 34 34 if (isset($_GET['voti_t'])) $voti_t=intval($_GET['voti_t']); else $voti_t='0'; 35 if (isset($_GET['orario'])) get_magic_quotes_gpc() ? $orario=$_GET['orario']:$orario=addslashes($_GET['orario']); else $orario='';36 if (isset($_GET['data'])) get_magic_quotes_gpc() ? $data=$_GET['data']:$data=addslashes($_GET['data']); else $data='01-01-1900';35 if (isset($_GET['orario'])) $orario=addslashes($_GET['orario']); else $orario=''; 36 if (isset($_GET['data'])) $data=addslashes($_GET['data']); else $data='01-01-1900'; 37 37 if (isset($_GET['id_comune'])) $id_comune=intval($_GET['id_comune']); else $id_comune='0'; 38 38 if (isset($_GET['id_gruppo'])) $id_gruppo=intval($_GET['id_gruppo']); else $id_gruppo='0'; 39 39 if (isset($_GET['genere'])) $genere=intval($_GET['genere']); else $genere='0'; 40 if (isset($_GET['delete'])) get_magic_quotes_gpc() ? $delete=$_GET['delete']:$delete=addslashes($_GET['delete']); else $delete='';40 if (isset($_GET['delete'])) $delete=addslashes($_GET['delete']); else $delete=''; 41 41 global $prefix,$id_parz,$tempo,$username,$aid,$dbi,$genere; 42 42 -
trunk/admin/modules/Elezioni/salva_gruppi.php
r338 r344 41 41 if (isset($_GET['sololista'])) $sololista=intval($_GET['sololista']); else $sololista='0'; 42 42 if (isset($_GET['delete'])) $delete=intval($_GET['delete']); else $delete=''; 43 if (isset($_GET['circo'])) get_magic_quotes_gpc() ? $circo=$_GET['circo']:$circo=addslashes($_GET['circo']); else $circo='';43 if (isset($_GET['circo'])) $circo=addslashes($_GET['circo']); else $circo=''; 44 44 45 45 global $prefix,$id_parz,$fileout; -
trunk/admin/modules/Elezioni/salva_liste.php
r338 r344 47 47 if (isset($_GET['ops'])) $ops=intval($_GET['ops']); else $ops='3'; 48 48 if (isset($_GET['delete'])) $delete=intval($_GET['delete']); else $delete='0'; 49 if (isset($_GET['circo'])) get_magic_quotes_gpc() ? $circo=$_GET['circo']:$circo=addslashes($_GET['circo']); else $circo='';49 if (isset($_GET['circo'])) $circo=addslashes($_GET['circo']); else $circo=''; 50 50 51 51 global $prefix,$id_parz,$fileout; -
trunk/admin/modules/Elezioni/salva_ref.php
r328 r344 40 40 if (isset($_GET['ops'])) $ops=intval($_GET['ops']); else $ops='4'; 41 41 if (isset($_GET['delete'])) $delete=intval($_GET['delete']); else $delete=''; 42 if (isset($_GET['circo'])) get_magic_quotes_gpc() ? $circo=$_GET['circo']:$circo=addslashes($_GET['circo']); else $circo='';42 if (isset($_GET['circo'])) $circo=addslashes($_GET['circo']); else $circo=''; 43 43 44 44 global $prefix,$id_parz,$fileout; -
trunk/admin/modules/Elezioni/salva_voti.php
r262 r344 24 24 } 25 25 26 if (isset($_GET['genere'])) get_magic_quotes_gpc() ? $genere=$_GET['genere']:$genere=addslashes($_GET['genere']); else $genere='';27 if (isset($_GET['id_cons_gen'])) get_magic_quotes_gpc() ? $id_cons_gen=$_GET['id_cons_gen']:$id_cons_gen=addslashes($_GET['id_cons_gen']); else $id_cons_gen='';28 if (isset($_GET['id_cons'])) get_magic_quotes_gpc() ? $id_cons=$_GET['id_cons']:$id_cons=addslashes($_GET['id_cons']); else $id_cons='';29 if (isset($_GET['op'])) get_magic_quotes_gpc() ? $op=$_GET['op']:$op=addslashes($_GET['op']); else $op='';30 if (isset($_GET['id_circ'])) get_magic_quotes_gpc() ? $id_circ=$_GET['id_circ']:$id_circ=addslashes($_GET['id_circ']); else $id_circ='';31 if (isset($_GET['id_sez'])) get_magic_quotes_gpc() ? $id_sez=$_GET['id_sez']:$id_sez=addslashes($_GET['id_sez']); else $id_sez='';32 if (isset($_GET['id_sede'])) get_magic_quotes_gpc() ? $id_sede=$_GET['id_sede']:$id_sede=addslashes($_GET['id_sede']); else $id_sede='';33 if (isset($_GET['validi'])) get_magic_quotes_gpc() ? $validi=$_GET['validi']:$validi=addslashes($_GET['validi']); else $validi='';34 if (isset($_GET['nulli'])) get_magic_quotes_gpc() ? $nulli=$_GET['nulli']:$nulli=intval($_GET['nulli']); else $nulli='';35 if (isset($_GET['bianchi'])) get_magic_quotes_gpc() ? $bianchi=$_GET['bianchi']:$bianchi=addslashes($_GET['bianchi']); else $bianchi='';36 if (isset($_GET['contestati'])) get_magic_quotes_gpc() ? $contestati=$_GET['contestati']:$contestati=addslashes($_GET['contestati']); else $contestati='';37 if (isset($_GET['votinulli'])) get_magic_quotes_gpc() ? $votinulli=$_GET['votinulli']:$votinulli=addslashes($_GET['votinulli']); else $votinulli='01-01-1900';38 if (isset($_GET['id_comune'])) get_magic_quotes_gpc() ? $id_comune=$_GET['id_comune']:$id_comune=addslashes($_GET['id_comune']); else $id_comune='';39 if (isset($_GET['ops'])) get_magic_quotes_gpc() ? 
$ops=$_GET['ops']:$ops=addslashes($_GET['ops']); else $ops='';40 if (isset($_GET['delete'])) get_magic_quotes_gpc() ? $delete=$_GET['delete']:$delete=addslashes($_GET['delete']); else $delete='';26 if (isset($_GET['genere'])) $genere=addslashes($_GET['genere']); else $genere=''; 27 if (isset($_GET['id_cons_gen'])) $id_cons_gen=addslashes($_GET['id_cons_gen']); else $id_cons_gen=''; 28 if (isset($_GET['id_cons'])) $id_cons=addslashes($_GET['id_cons']); else $id_cons=''; 29 if (isset($_GET['op'])) $op=addslashes($_GET['op']); else $op=''; 30 if (isset($_GET['id_circ'])) $id_circ=addslashes($_GET['id_circ']); else $id_circ=''; 31 if (isset($_GET['id_sez'])) $id_sez=addslashes($_GET['id_sez']); else $id_sez=''; 32 if (isset($_GET['id_sede'])) $id_sede=addslashes($_GET['id_sede']); else $id_sede=''; 33 if (isset($_GET['validi'])) $validi=addslashes($_GET['validi']); else $validi=''; 34 if (isset($_GET['nulli'])) $nulli=intval($_GET['nulli']); else $nulli=''; 35 if (isset($_GET['bianchi'])) $bianchi=addslashes($_GET['bianchi']); else $bianchi=''; 36 if (isset($_GET['contestati'])) $contestati=addslashes($_GET['contestati']); else $contestati=''; 37 if (isset($_GET['votinulli'])) $votinulli=addslashes($_GET['votinulli']); else $votinulli='01-01-1900'; 38 if (isset($_GET['id_comune'])) $id_comune=addslashes($_GET['id_comune']); else $id_comune=''; 39 if (isset($_GET['ops'])) $ops=addslashes($_GET['ops']); else $ops=''; 40 if (isset($_GET['delete'])) $delete=addslashes($_GET['delete']); else $delete=''; 41 41 42 42 global $prefix,$id_parz,$genere,$fileout,$id_cons; -
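Review bot: The fields in this block that appear to be identifiers and counters (`genere`, `id_cons_gen`, `id_cons`, `id_circ`, `id_sez`, `id_sede`, `validi`, `bianchi`, `contestati`, `id_comune`) are escaped with `addslashes()`, while `nulli` alone uses `intval()`. `addslashes()` gives no protection when a value is placed in a query without surrounding quotes, and the other salva_*.php files on this page already cast such fields, e.g. `$id_comune=intval($_GET['id_comune'])`. Casting these as well, `if (isset($_GET['id_sez'])) $id_sez=intval($_GET['id_sez']); else $id_sez='';`, would make the block consistent, provided the fields really are numeric. The `'01-01-1900'` default for `votinulli` looks copied from the `data` field in salva_aff.php and is worth checking.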
trunk/admin/modules/Elezioni/scarica.php
r336 r344 16 16 $aid=$_SESSION['aid']; 17 17 $prefix=$_SESSION['prefix']; 18 $ currentlang=$_SESSION['lang'];18 $language=$_SESSION['lang']; 19 19 $param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST; 20 20 $id_cons_gen=intval($param['id_cons_gen']); … … 29 29 if (isset($param['fase'])) $fase=intval($param['fase']); else $fase=0; 30 30 if (isset($param['id_cons_gen2'])) $id_cons_gen2=intval($param['id_cons_gen2']); else $id_cons_gen2='0'; 31 if (isset($param['indirizzoweb'])) get_magic_quotes_gpc() ? $indirizzoweb=$param['indirizzoweb']:$indirizzoweb=addslashes($param['indirizzoweb']); else $indirizzoweb='http://www.eleonline.it/moduli/client/';31 if (isset($param['indirizzoweb'])) $indirizzoweb=addslashes($param['indirizzoweb']); else $indirizzoweb='http://www.eleonline.it/client/'; 32 32 if (isset($param['id_comune2'])) $id_comune2=intval($param['id_comune2']); else $id_comune2='0'; 33 33 -
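Review bot: `indirizzoweb` accepts an arbitrary URL from the request with only `addslashes()` applied, and the new default is still plain `http://`. If the script fetches data from that address (the download code is outside the hunk), validate it first with `filter_var($indirizzoweb, FILTER_VALIDATE_URL)`, and check that the scheme is `https` and the host is one the administrator has configured. That keeps the server from being pointed at internal addresses and protects the downloaded data in transit. The context line `$id_cons_gen=intval($param['id_cons_gen']);` in the first hunk also lacks an `isset()` guard.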
trunk/admin/versione.php
r343 r344 1 1 <?php 2 2 3 $versione = "3.0 rev 34 3";3 $versione = "3.0 rev 344"; 4 4 $version_number = $versione; 5 $datarel = " 19 novembre 2020";5 $datarel = "01 dicembre 2020"; 6 6 $version = "Eleonline $version_number (<i>Data Release: $datarel</i>)"; 7 7