From 89c6aa2d87cb1446e41f3c9b7767d283c6c600d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Sun, 5 Jan 2014 05:04:41 +0100 Subject: [PATCH] Removed unused/unuseful injection checks on open survey creation --- htdocs/langs/en_US/opensurvey.lang | 1 - htdocs/opensurvey/public/choix_autre.php | 7 +------ htdocs/opensurvey/public/create_survey.php | 7 +------ 3 files changed, 2 insertions(+), 13 deletions(-) diff --git a/htdocs/langs/en_US/opensurvey.lang b/htdocs/langs/en_US/opensurvey.lang index f29dade011cc3..82126d16ef8b9 100644 --- a/htdocs/langs/en_US/opensurvey.lang +++ b/htdocs/langs/en_US/opensurvey.lang @@ -73,6 +73,5 @@ PublicLinkToCreateSurvey=Public link to allow everybody to create a survey ErrorOpenSurveyFillFirstSection=You haven't filled the first section of the poll creation ErrorOpenSurveyOneChoice=Enter at least one choice ErrorOpenSurveyDateFormat=Date must be have the format DD/MM/YYYY -ErrorOpenSurveyInvalidChars=Characters \" < and > are not permitted MoreChoices=Enter more choices for the voters AfterCreationInfo=Once you have confirmed the creation of your poll, you will be automatically redirected on the page of your poll.
Then, you will receive quickly an email contening the link to your poll for sending it to the voters. \ No newline at end of file diff --git a/htdocs/opensurvey/public/choix_autre.php b/htdocs/opensurvey/public/choix_autre.php index ccb50a899f010..4785a2b6e2871 100644 --- a/htdocs/opensurvey/public/choix_autre.php +++ b/htdocs/opensurvey/public/choix_autre.php @@ -42,7 +42,6 @@ */ // Set session vars -$erreur_injection = false; if (isset($_SESSION["nbrecases"])) { for ($i = 0; $i < $_SESSION["nbrecases"]; $i++) { if (isset($_POST["choix"][$i])) { @@ -188,11 +187,7 @@ print "
" . $langs->trans("ErrorOpenSurveyDateFormat") . "

"."\n"; } -if ($erreur_injection) { - print "" . $langs->trans("ErrorOpenSurveyInvalidChars") . "

\n"; -} - -if ((isset($_POST["fin_sondage_autre"]) || isset($_POST["fin_sondage_autre_x"])) && !$erreur && !$erreur_injection) { +if ((isset($_POST["fin_sondage_autre"]) || isset($_POST["fin_sondage_autre_x"])) && !$erreur) { //demande de la date de fin du sondage print '
'."\n"; print '
'."\n"; diff --git a/htdocs/opensurvey/public/create_survey.php b/htdocs/opensurvey/public/create_survey.php index f0f99fe76590c..505adbee1d363 100644 --- a/htdocs/opensurvey/public/create_survey.php +++ b/htdocs/opensurvey/public/create_survey.php @@ -51,9 +51,6 @@ // On initialise également les autres variables $erreur_adresse = false; -$erreur_injection_titre = false; -$erreur_injection_nom = false; -$erreur_injection_commentaires = false; $cocheplus = ''; $cochemail = ''; @@ -86,9 +83,7 @@ if (! isValidEmail($adresse)) $erreur_adresse = true; - //var_dump($titre.' - '.$nom.' - '.$adresse.' - '.!$erreur_adresse.' - '.! $erreur_injection_titre.' - '.! $erreur_injection_commentaires.' - '.! $erreur_injection_nom.' - '.$creation_sondage_date.' - '.$creation_sondage_autre); exit; - - if ($titre && $nom && $adresse && !$erreur_adresse && ! $erreur_injection_titre && ! $erreur_injection_commentaires && ! $erreur_injection_nom) + if ($titre && $nom && $adresse && !$erreur_adresse) { if (! empty($creation_sondage_date)) {