* replace input filter FILTER_UNSAFE_RAW (+ STRIP flags) with regex checks to preserve \n and utf8 chars
Sarjuuk
2023-03-16 17:59:09 +01:00
parent ffa4cf5b29
commit 0c47f262ea
13 changed files with 75 additions and 53 deletions


@@ -6,13 +6,13 @@ if (!defined('AOWOW_REVISION'))
class AjaxContactus extends AjaxHandler
{
protected $_post = array(
'mode' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
'reason' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
'ua' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
'appname' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
'mode' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'reason' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'ua' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
'appname' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
'page' => ['filter' => FILTER_SANITIZE_URL ],
'desc' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
'id' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkInt'],
'desc' => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextBlob'],
'id' => ['filter' => FILTER_SANITIZE_NUMBER_INT ],
'relatedurl' => ['filter' => FILTER_SANITIZE_URL ],
'email' => ['filter' => FILTER_SANITIZE_EMAIL ]
);
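Review bot: The `ua`, `appname` and `desc` entries now depend entirely on `AjaxHandler::checkTextLine` and `AjaxHandler::checkTextBlob`, whose bodies are outside this hunk, and nothing in the `$_post` array documents what they let through. Since the commit's stated aim is to preserve `\n` and UTF-8 characters, these values should be treated as unescaped text wherever they are later stored or displayed, with encoding done at output (for HTML, `htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`) and a length cap applied if the callbacks do not already enforce one. I would add a comment above the array such as `// text fields are validated by regex only and are not HTML-safe; escape on output`. Separately, `mode`, `reason` and `id` appear with both `AjaxHandler::checkInt` and `FILTER_SANITIZE_NUMBER_INT`, and the rendered page has lost the +/- markers; if the sanitize filter is the new side, note that it only removes characters and still returns a string that may contain `+` and `-`, so the consumer should cast or validate it before use.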