Skip to content
Permalink
Browse files
Protection cross side scripting
 Modified Files:
 	glpi/glpi/common/functions.php
 	glpi/glpi/common/functions_auth.php
  • Loading branch information
moyooo committed Jan 11, 2006
1 parent 5dcb655 commit 6f2375a6fccbed7ad9e39d11589505cefd623ff3
Showing 2 changed files with 15 additions and 1 deletion.
@@ -101,6 +101,16 @@ function addslashes_deep($value) {
}


function clean_cross_side_scripting_deep($value) {
$in=array("<",">");
$out=array("&lt;","&gt;");
$value = is_array($value) ?
array_map('clean_cross_side_scripting_deep', $value) :
(is_null($value) ? NULL : str_replace($in,$out,$value));
return $value;
}


function utf8_decode_deep($value) {
$value = is_array($value) ?
array_map('utf8_decode_deep', $value) :
@@ -177,12 +177,15 @@ function checkAuthentication($authtype) {
}
if (isset($_POST)){
$_POST = array_map('addslashes_deep', $_POST);
$_POST = array_map('clean_cross_side_scripting_deep', $_POST);
}
if (isset($_GET)){
$_GET = array_map('addslashes_deep', $_GET);
$_GET = array_map('clean_cross_side_scripting_deep', $_GET);
}
if (isset($tab)){
$tab = array_map('addslashes_deep', $tab);
$tab = array_map('addslashes_deep', $tab);
$tab = array_map('clean_cross_side_scripting_deep', $tab);
}

// Checks a GLOBAL user and password against the database
@@ -288,6 +291,7 @@ function checkAuthentication($authtype) {
}
}


/**
* Include the good language dict.
*

0 comments on commit 6f2375a

Please sign in to comment.