Update of /cvsroot/serverfilters/serversidefilter
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv24861
Modified Files:
recipie_functions.php
Log Message:
Disallow newlines in user input
Index: recipie_functions.php
===================================================================
RCS file: /cvsroot/serverfilters/serversidefilter/recipie_functions.php,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** recipie_functions.php 21 May 2005 09:13:18 -0000 1.1.1.1
--- recipie_functions.php 7 Jun 2005 22:58:50 -0000 1.2
***************
*** 183,188 ****
$ssmatching = addslashes($recipies[$i]['matching']);
! $ssstring = escapeshellcmd($ssstring);
! $ssadd_string = escapeshellcmd($ssadd_string);
fputs($nf, "\n###${ssfield} '' ${ssstring} '' ${ssfolder} '' ${ssaction} '' ${sstoFolder} '' ${sstoAddress} '' ${ssadd_string} '' ${ssmatching} \n");
--- 183,190 ----
$ssmatching = addslashes($recipies[$i]['matching']);
! $ssstring = str_replace(array("\r\n", "\r", "\n"), "",
! escapeshellcmd($ssstring));
! $ssadd_string = str_replace(array("\r\n", "\r", "\n"), "",
! escapeshellcmd($ssadd_string));
fputs($nf, "\n###${ssfield} '' ${ssstring} '' ${ssfolder} '' ${ssaction} '' ${sstoFolder} '' ${sstoAddress} '' ${ssadd_string} '' ${ssmatching} \n");
|
