Skip to content

Commit

Permalink
Fixed 4533: Tokens with hyphen cause error when exit & clearall is used
Browse files Browse the repository at this point in the history 
dev: Made the hyphen forbidden in tokens by updating the sanitize token function to strip the hyphen and use the sanitized token in duplicate check

git-svn-id: file:///Users/Shitiz/Downloads/lssvn/source/limesurvey_dev@9100 b72ed6b6-b9f8-46b5-92b4-906544132732
  • Loading branch information
@mennodekker
mennodekker committed Sep 1, 2010
1 parent fecb055 commit 3136ed3
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 6 deletions.
11 changes: 6 additions & 5 deletions admin/tokens.php
View file
Expand Up @@ -2586,14 +2586,15 @@
$invalidemaillist[]=$line[0]." ".$line[1]." (".$line[2].")";
}

if (!isset($writearray['token'])) {
$writearray['token'] = '';
} else {
$writearray['token']=sanitize_token($writearray['token']);
}

if (!$dupfound && !$invalidemail)
{
if (!isset($writearray['emailstatus']) || $writearray['emailstatus']=='') $writearray['emailstatus'] = "OK";
if (!isset($writearray['token'])) {
$writearray['token'] = '';
}else{
$writearray['token']=sanitize_token($writearray['token']);
}
if (!isset($writearray['language']) || $writearray['language'] == "") $writearray['language'] = $baselanguage;
if (isset($writearray['validfrom']) && trim($writearray['validfrom']=='')){ unset($writearray['validfrom']);}
if (isset($writearray['validuntil']) && trim($writearray['validuntil']=='')){ unset($writearray['validuntil']);}
Expand Down
2 changes: 1 addition & 1 deletion classes/core/sanitize.php
View file
Expand Up @@ -371,7 +371,7 @@ function sanitize_languagecodeS($codestringtosanitize) {
}

function sanitize_token($codetosanitize) {
return preg_replace('/[^_a-z0-9-]/i', '', $codetosanitize);
return preg_replace('/[^_a-z0-9]/i', '', $codetosanitize);
}

function sanitize_signedint($integer, $min='', $max='')
Expand Down

0 comments on commit 3136ed3

Please sign in to comment.