diff options
| author | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2005-10-21 18:50:26 +0000 |
|---|---|---|
| committer | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2005-10-21 18:50:26 +0000 |
| commit | 50c5e06f099927d916bad4c35122a309a30f5a49 (patch) | |
| tree | c025fbd072ecda103bb0cc4ca9840a0d7589a8a2 /inc | |
| parent | c912c19f8e2f56749aa02cfca8e837061e5196b5 (diff) | |
debug modus fuer session daten erweitert
bugfix: problem mit lokalen variabeln und uebergaben
git-svn-id: svn://svn.cccv.de/engel-system@10 29ba0400-6e00-0410-a75a-ca02368028f8
Diffstat (limited to 'inc')
| -rwxr-xr-x | inc/UserCVS.php | 9 | ||||
| -rwxr-xr-x | inc/secure.php | 11 |
2 files changed, 8 insertions, 12 deletions
diff --git a/inc/UserCVS.php b/inc/UserCVS.php index 3454e7e3..ee1cb0a0 100755 --- a/inc/UserCVS.php +++ b/inc/UserCVS.php @@ -6,9 +6,12 @@ $Page["CVS"] = $_SESSION['CVS'][ $Page["Name"] ]; if( $DEBUG ) { - echo "UserID:". $_SESSION["UID"]. "<br>"; - echo "Nick:". $_SESSION["Nick"]. "<br>"; - +// echo "UserID:". $_SESSION["UID"]. "<br>"; +// echo "Nick:". $_SESSION["Nick"]. "<br>"; + + foreach( $_SESSION as $k => $v) + echo "$k = $v<br>\n"; + if( strlen($Page["CVS"]) == 0 ) echo "<h1><u> CVS ERROR, on page '". $Page["Name"]. "'</u></h1>"; else diff --git a/inc/secure.php b/inc/secure.php index 99d646d2..32c8f864 100755 --- a/inc/secure.php +++ b/inc/secure.php @@ -5,33 +5,26 @@ foreach ($_GET as $k => $v) { $v = htmlspecialchars($v); -//echo "$v<br>"; $v = mysql_escape_string($v); -//echo "$v<br>"; // $v = htmlentities($v); -//echo "$v<br>"; -// if (preg_match('/([\'"`\'])/', $v, $match)) if (preg_match('/([\"`])/', $v, $match)) { print "sorry get has illegal char '$match[1]'"; exit; } - $$k = $v; + $_GET[$k] = $v; } foreach ($_POST as $k => $v) { $v = htmlspecialchars($v); -//echo "$v<br>"; $v = mysql_escape_string($v); -//echo "$v<br>"; // $v = htmlentities($v); -//echo "$v<br>"; if (preg_match('/([\'"`\'])/', $v, $match)) { print "sorry post has illegal char '$match[1]'"; exit; } - $$k = $v; + $_POST[$k] = $v; } ?> |