Changeset 5003 for branches/2.0
- Timestamp:
- Feb 28, 2010, 9:58:45 PM (14 years ago)
- Location:
- branches/2.0
- Files:
-
- 8 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/2.0/admin/cat_list.php
r4505 r5003 70 70 // +-----------------------------------------------------------------------+ 71 71 72 check_input_parameter('parent_id', @$_GET['parent_id'], false, PATTERN_ID);72 check_input_parameter('parent_id', $_GET, false, PATTERN_ID); 73 73 74 74 $categories = array(); -
branches/2.0/admin/element_set.php
r4495 r5003 40 40 check_status(ACCESS_ADMINISTRATOR); 41 41 42 check_input_parameter('selection', @$_POST['selection'], true, PATTERN_ID);42 check_input_parameter('selection', $_POST, true, PATTERN_ID); 43 43 44 44 // +-----------------------------------------------------------------------+ -
branches/2.0/admin/element_set_global.php
r4730 r5003 45 45 46 46 // the $_POST['selection'] was already checked in element_set.php 47 check_input_parameter('add_tags', @$_POST['add_tags'], true, PATTERN_ID);48 check_input_parameter('del_tags', @$_POST['del_tags'], true, PATTERN_ID);49 check_input_parameter('associate', @$_POST['associate'], false, PATTERN_ID);50 check_input_parameter('dissociate', @$_POST['dissociate'], false, PATTERN_ID);47 check_input_parameter('add_tags', $_POST, true, PATTERN_ID); 48 check_input_parameter('del_tags', $_POST, true, PATTERN_ID); 49 check_input_parameter('associate', $_POST, false, PATTERN_ID); 50 check_input_parameter('dissociate', $_POST, false, PATTERN_ID); 51 51 52 52 if (isset($_POST['delete'])) -
branches/2.0/admin/picture_modify.php
r4495 r5003 34 34 check_status(ACCESS_ADMINISTRATOR); 35 35 36 check_input_parameter('image_id', $_GET ['image_id'], false, PATTERN_ID);37 check_input_parameter('cat_id', @$_GET['cat_id'], false, PATTERN_ID);36 check_input_parameter('image_id', $_GET, false, PATTERN_ID); 37 check_input_parameter('cat_id', $_GET, false, PATTERN_ID); 38 38 39 39 // +-----------------------------------------------------------------------+ -
branches/2.0/comments.php
r4508 r5003 118 118 if (!empty($_GET['comment_id'])) 119 119 { 120 check_input_parameter('comment_id', $_GET ['comment_id'], false, PATTERN_ID);120 check_input_parameter('comment_id', $_GET, false, PATTERN_ID); 121 121 122 122 // currently, the $_GET['comment_id'] is only used by admins from email … … 184 184 if (isset($_GET['delete'])) 185 185 { 186 check_input_parameter('delete', $_GET ['delete'], false, PATTERN_ID);186 check_input_parameter('delete', $_GET, false, PATTERN_ID); 187 187 188 188 $query = ' … … 196 196 if (isset($_GET['validate'])) 197 197 { 198 check_input_parameter('validate', $_GET ['validate'], false, PATTERN_ID);198 check_input_parameter('validate', $_GET, false, PATTERN_ID); 199 199 200 200 $query = ' -
branches/2.0/feed.php
r5001 r5003 64 64 // +-----------------------------------------------------------------------+ 65 65 66 check_input_parameter('feed', @$_GET['feed'], false, '/^[0-9a-z]{50}$/i');66 check_input_parameter('feed', $_GET, false, '/^[0-9a-z]{50}$/i'); 67 67 68 68 $feed_id= isset($_GET['feed']) ? $_GET['feed'] : ''; -
branches/2.0/include/functions.inc.php
r4965 r5003 1504 1504 * 1505 1505 * @param string param_name 1506 * @param mixed param_value1506 * @param array param_array 1507 1507 * @param boolean is_array 1508 1508 * @param string pattern … … 1510 1510 * @return void 1511 1511 */ 1512 function check_input_parameter($param_name, $param_value, $is_array, $pattern) 1513 { 1512 function check_input_parameter($param_name, $param_array, $is_array, $pattern) 1513 { 1514 $param_value = null; 1515 if (isset($param_array[$param_name])) 1516 { 1517 $param_value = $param_array[$param_name]; 1518 } 1519 1514 1520 // it's ok if the input parameter is null 1515 1521 if (empty($param_value)) -
branches/2.0/search.php
r4752 r5003 72 72 if (isset($_POST['tags'])) 73 73 { 74 check_input_parameter('tags', $_POST ['tags'], true, PATTERN_ID);74 check_input_parameter('tags', $_POST, true, PATTERN_ID); 75 75 76 76 $search['fields']['tags'] = array( … … 93 93 if (isset($_POST['cat'])) 94 94 { 95 check_input_parameter('cat', $_POST ['cat'], true, PATTERN_ID);95 check_input_parameter('cat', $_POST, true, PATTERN_ID); 96 96 97 97 $search['fields']['cat'] = array(
Note: See TracChangeset
for help on using the changeset viewer.