PROTIP: Don't make commits late at night while drinking

SpiderLabs · Jun 15, 2013 · 45c8555 · 45c8555
1 parent e111498
commit 45c8555
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 4 deletions.
diff --git a/includes/options.inc.php b/includes/options.inc.php
@@ -21,7 +21,6 @@
 	<tr><td>Sanitization Level:</td><td><select name="sanitization_level">
 		<option value="none">No sanitization</option>
 		<option value="whitelist" <?php if(isset($_REQUEST["sanitization_level"]) and $_REQUEST["sanitization_level"]=="whitelist") echo "selected"; ?>>Accept Only Whitelisted Items</option>
-		<option value="whitelist" <?php if(isset($_REQUEST["sanitization_level"]) and $_REQUEST["sanitization_level"]=="whitelist") echo "selected"; ?>>Accept Only Whitelisted Items</option>
 		<option value="reject_low" <?php if(isset($_REQUEST["sanitization_level"]) and $_REQUEST["sanitization_level"]=="reject_low") echo "selected"; ?>>Case-Sensitively Reject Blacklisted Items</option>
 		<option value="reject_high" <?php if(isset($_REQUEST["sanitization_level"]) and $_REQUEST["sanitization_level"]=="reject_high") echo "selected"; ?>>Case-Insensitively Reject Blacklisted Items</option>
 		<option value="escape" <?php if(isset($_REQUEST["sanitization_level"]) and $_REQUEST["sanitization_level"]=="escape") echo "selected"; ?>>Backslash-Escape Blacklisted Items</option>
@@ -33,7 +32,7 @@
 		<td>Regexes <input type="radio" value="regex" name="sanitization_type" <?php if(isset($_REQUEST["sanitization_type"]) and $_REQUEST["sanitization_type"]=="regex") echo "checked"; ?>></td></tr>
 	<tr><td>Enter comma-separated keywords or regexes<br>to whitelist or blacklist below.</td></tr>
 	<tr><td>Sanitization Parameters:</td><td><textarea name="sanitization_params"><?php if(isset($_REQUEST["sanitization_params"])) echo $_REQUEST["sanitization_params"]; ?></textarea></td></tr>
-<tr><td><b>Environmental Settings:<b></td></tr>
+<tr><td><b>Environmental Settings:</b></td></tr>
 	<tr><td>Random Failure?</td><td><input type="checkbox" name="random_failure"<?php echo isset($_REQUEST['random_failure']) ? ' checked' : '' ?>>
 	<tr><td>Random Time Delay?</td><td><input type="checkbox" name="random_delay"<?php echo isset($_REQUEST['random_delay']) ? ' checked' : '' ?>>
 <tr><td><b>Output Level:</b></td></tr>

diff --git a/includes/sanitize.inc.php b/includes/sanitize.inc.php
@@ -50,14 +50,14 @@
 				break;
 			case 'medium':
 				foreach($params as $keyword){
-					$_REQUEST['inject_string'] = str_replace(strtolower($keyword), '', strtolower($_REQUEST['inject_string']));
+					$_REQUEST['inject_string'] = str_ireplace($keyword, '', $_REQUEST['inject_string']);
 				}
 				break;
 			case 'high':
 				do{
 					$keyword_found = 0;
 					foreach($params as $keyword){
-						$_REQUEST['inject_string'] = str_replace(strtolower($keyword), '', strtolower($_REQUEST['inject_string']), $count);
+						$_REQUEST['inject_string'] = str_ireplace($keyword, '', $_REQUEST['inject_string'], $count);
 						$keyword_found += $count;
 					}	
 				}while ($keyword_found);