webcalendar

Check-in [d701842a8d]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Replace dead old PHP API
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | master | trunk
Files: files | file ages | folders
SHA3-256:d701842a8d88e1fea09efee1b5148c21fdc6a956937dd3bcbcff01189dd267e5
User & Date: vandys 2019-04-10 23:56:50
Context
2019-04-10
23:56
Replace dead old PHP API Leaf check-in: d701842a8d user: vandys tags: master, trunk
2019-03-10
20:37
Fix "today" concept so it still works on daylight savings change days check-in: c847fd4b5f user: vandys tags: master, trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to includes/formvars.php.

26
27
28
29
30
31
32
33

34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

49
50
51
52
53

54
55
56
57
58
59
60
61
62
63
64
    );
  $failed = false;

  if ( is_array ( $instr ) ) {
    for ( $j = 0; $j < count ( $instr ); $j++ ) {
      for ( $i = 0; $i < count ( $bannedTags ) && ! $failed; $i++ ) {
        // First, replace any escape characters like '\x3c'
        $teststr = preg_replace ( "#(\\\x[0-9A-F]{2})#e",

          "chr(hexdec('\\1'))", $instr[$j] );
        if ( preg_match ( "/<\s*$bannedTags[$i]/i", $teststr ) ) {
          $failed = true;
        }
      }
    }
    if ( $failed ) {
      die_miserable_death ( translate ( 'Fatal Error' ) . ': '
         . translate ( 'Invalid data format for' ) . ' ' . $name );
    }
  } else {
    // Not an array
    // First, replace any escape characters like '\x3c'
    $teststr = preg_replace ( "#(\\\x[0-9A-F]{2})#e",
      "chr(hexdec('\\1'))", $instr );

    for ( $i = 0; $i < count ( $bannedTags ) && ! $failed; $i++ ) {
      if ( preg_match ( "/<\s*$bannedTags[$i]/i", $teststr ) ) {
        $failed = true;
      }
    }

    if ( $failed ) {
      die_miserable_death ( translate ( 'Fatal Error' ) . ': '
         . translate ( 'Invalid data format for' ) . ' ' . $name );
    }
  }
}

/* Gets the value resulting from an HTTP POST method.
 *
 * <b>Note:</b> The return value will be affected by the value of
 * <var>magic_quotes_gpc</var> in the php.ini file.







|
>
|





<
<
<
<



|
|
>





>
|
|
|
<







26
27
28
29
30
31
32
33
34
35
36
37
38
39
40




41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

56
57
58
59
60
61
62
    );
  $failed = false;

  if ( is_array ( $instr ) ) {
    for ( $j = 0; $j < count ( $instr ); $j++ ) {
      for ( $i = 0; $i < count ( $bannedTags ) && ! $failed; $i++ ) {
        // First, replace any escape characters like '\x3c'
        $teststr = preg_replace_callback("#(\\\x[0-9A-F]{2})#",
	    function($m) { return chr(hexdec($m[1])); },
	    $instr[$j]);
        if ( preg_match ( "/<\s*$bannedTags[$i]/i", $teststr ) ) {
          $failed = true;
        }
      }
    }




  } else {
    // Not an array
    // First, replace any escape characters like '\x3c'
    $teststr = preg_replace_callback("#(\\\x[0-9A-F]{2})#",
	function ($m) { return chr(hexdec($m[1])); },
	$instr);
    for ( $i = 0; $i < count ( $bannedTags ) && ! $failed; $i++ ) {
      if ( preg_match ( "/<\s*$bannedTags[$i]/i", $teststr ) ) {
        $failed = true;
      }
    }
  }
  if ( $failed ) {
    die_miserable_death ( translate ( 'Fatal Error' ) . ': '
       . translate ( 'Invalid data format for' ) . ' ' . $name );

  }
}

/* Gets the value resulting from an HTTP POST method.
 *
 * <b>Note:</b> The return value will be affected by the value of
 * <var>magic_quotes_gpc</var> in the php.ini file.