Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

fixed bug introduced by removal of evals; removed evals on home page

  • Loading branch information...
commit 01ccfbbb027d60746baf564a39222dd1b1b647b2 1 parent a9a0ea5
Joel Wan authored
View
19 index.php
@@ -24,8 +24,11 @@
}
if ($misc->GetVariable('attributeList') != null)
{
- if (isset($_GET['attributeList']))
- $attributeList = stripcslashes(urldecode($_GET['attributeList']));
+ if (isset($_GET['attributeList'])) {
+ $attArray = stripcslashes(urldecode($_GET['attributeList']));
+ $attArray = trim(preg_replace('#^array\s*\(|\d\s\=\>\s*\'|\'\,\s*\)$#', '', $attArray));
+ $attributeList = preg_split('#\'\s*,\s*#', $attArray);
+ }
else
@$attributeList=unserialize($_SESSION['attributeList']);
}
@@ -41,7 +44,9 @@
{
$typeList = urldecode($_GET['typeList']);
}
- $typeList = trim($typeList);
+ $typeArray = trim($typeList);
+ $typeArray = trim(preg_replace('#^array\s*\(|\d\s\=\>\s*\'|\'\,\s*\)$#', '', $typeArray));
+ $typeList = preg_split('#\'\s*,\s*#', $typeArray);
for($i=0; $i<sizeof($typeList); $i++)
{
$typeList[$i] = stripcslashes($typeList[$i]);
@@ -59,9 +64,15 @@
if ($misc->GetVariable('classList') != null)
{
if (isset($_GET['classList']))
- $classList = stripcslashes(urldecode($_GET['classList']));
+ {
+ $classArray = stripcslashes(urldecode($_GET['classList']));
+ $classArray = trim(preg_replace('#^array\s*\(|\d\s\=\>\s*\'|\'\,\s*\)$#', '', $classArray));
+ $classList = preg_split('#\'\s*,\s*#', $classArray);
+ }
else
+ {
@$classList=unserialize($_SESSION['classList']);
+ }
}
$pdoDriver = ($misc->GetVariable('pdoDriver')!=null?$misc->GetVariable('pdoDriver'):'mysql');
View
21 local_46888.xml
@@ -1,31 +1,10 @@
<?xml version="1.0" ?>
<Links>
<Link>
- <LinkID>OI87827</LinkID>
- <URL>http://www.forumla.de/archive/index.php/f-30.html</URL>
- <Text>PS3 Community - Forumla.de</Text>
- <BeforeText> </BeforeText>
- <AfterText> </AfterText>
- </Link>
- <Link>
- <LinkID>OI319561</LinkID>
- <URL>http://www.superwarehouse.com/Sony_Laptops/b/250/c/14</URL>
- <Text>Sony Laptops</Text>
- <BeforeText> </BeforeText>
- <AfterText> </AfterText>
- </Link>
- <Link>
<LinkID>OI469063</LinkID>
<URL>http://www.canadianwebhosting.com/domain_hosting.asp</URL>
<Text>domain hosting</Text>
<BeforeText> </BeforeText>
<AfterText> </AfterText>
</Link>
- <Link>
- <LinkID>OI576934</LinkID>
- <URL>http://www.facebook.com/FisherInvestmentsMarketMinder</URL>
- <Text>Market Minder on Facebook</Text>
- <BeforeText> </BeforeText>
- <AfterText> </AfterText>
- </Link>
</Links>
View
2  regenerate.php
@@ -57,7 +57,7 @@
}
else
{
- $_SESSION[$arguments[0]] = $value;
+ eval ("\$_SESSION['".$arguments[0]."'] = '".$value."';");
}
}
if (!isset($pdoDrive))
View
2  services/soap_php5.php
@@ -289,7 +289,7 @@ function GeneratePackageFromLink($link)
}
else
{
- $$arguments[0] = $value;
+ eval ("$".$arguments[0]." = '".$value."';");
}
if (!isset($pdoDrive))
{
Please sign in to comment.
Something went wrong with that request. Please try again.