extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-08 17:14:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

small fix

Browse Source
This commit is contained in:
Ralf Becker 2004-08-22 14:14:38 +00:00
parent 766ad46189
commit 092bca5805
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
phpgwapi/inc/common_functions.inc.php
View File

@ -1201,6 +1201,27 @@
return $_GET['menuaction'] ? $_GET['menuaction'] : str_replace(PHPGW_SERVER_ROOT,'',$_SERVER['SCRIPT_FILENAME']); return $_GET['menuaction'] ? $_GET['menuaction'] : str_replace(PHPGW_SERVER_ROOT,'',$_SERVER['SCRIPT_FILENAME']);
} }
function _check_script_tag(&$var)
{
if (is_array($var))
{
foreach($var as $key => $val)
{
if (is_array($val))
{
_check_script($var[$key]);
}
else
{
if (preg_match('/(<|&lt;)+\/?script(>|&gt;)+/i',$val))
{
unset($var[$key]);
}
}
}
}
}
foreach(array('_GET','_POST','_REQUEST','HTTP_GET_VARS','HTTP_POST_VARS','HTTP_REQUEST_VARS') as $where) foreach(array('_GET','_POST','_REQUEST','HTTP_GET_VARS','HTTP_POST_VARS','HTTP_REQUEST_VARS') as $where)
{ {
$pregs = array( $pregs = array(
@ -1214,5 +1235,9 @@
$GLOBALS[$where][$name] = ''; $GLOBALS[$where][$name] = '';
} }
} }
if (is_array($GLOBALS[$where]))
{
_check_script_tag($GLOBALS[$where]);
}
} }
?> ?>