From: Paul S. O. <ps...@us...> - 2002-01-02 14:39:38
Update of /cvsroot/phpbb/phpBB2
In directory usw-pr-cvs1:/tmp/cvs-serv16581
Modified Files:
profile.php
Log Message:
Fix bug #495335 by removing specialchars and strip_tags from password checks
Index: profile.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/profile.php,v
retrieving revision 1.163
retrieving revision 1.164
diff -C2 -r1.163 -r1.164
*** profile.php 2002/01/01 21:39:53 1.163
--- profile.php 2002/01/02 14:39:35 1.164
***************
*** 468,474 ****
$email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars(str_replace(" ", " ",$HTTP_POST_VARS['email'])))) : "";
! $password_current = (!empty($HTTP_POST_VARS['cur_password'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['cur_password']))) : "";
! $password = (!empty($HTTP_POST_VARS['new_password'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['new_password']))) : "";
! $password_confirm = (!empty($HTTP_POST_VARS['password_confirm'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['password_confirm']))) : "";
$icq = (!empty($HTTP_POST_VARS['icq'])) ? trim(strip_tags($HTTP_POST_VARS['icq'])) : "";
--- 468,474 ----
$email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars(str_replace(" ", " ",$HTTP_POST_VARS['email'])))) : "";
! $password_current = (!empty($HTTP_POST_VARS['cur_password'])) ? trim($HTTP_POST_VARS['cur_password']) : "";
! $password = (!empty($HTTP_POST_VARS['new_password'])) ? trim($HTTP_POST_VARS['new_password']) : "";
! $password_confirm = (!empty($HTTP_POST_VARS['password_confirm'])) ? trim($HTTP_POST_VARS['password_confirm']) : "";
$icq = (!empty($HTTP_POST_VARS['icq'])) ? trim(strip_tags($HTTP_POST_VARS['icq'])) : "";
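Review bot: The three password lines on the new side pass the raw POST value (only `trim()`med) onward, so any code that later writes `$password_current`, `$password` or `$password_confirm` back into a form field or error message must now escape it at output; that code is outside this hunk and should be checked. The same treatment also has to be applied wherever the password is hashed or compared (registration and login, not visible here), otherwise accounts whose stored hash was presumably computed from the `htmlspecialchars()`-encoded form will stop verifying when the password contains `<`, `>`, `&` or `"`. Note that `trim()` still alters passwords with leading or trailing whitespace, and `!empty()` treats the password `"0"` as missing. I would add a comment above the block such as `// Passwords are compared as typed: no HTML filtering here; keep identical to the login path and escape if ever echoed.`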