diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2006-05-31 21:11:14 +0200 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2006-05-31 21:11:14 +0200 |
| commit | 11d989c3956979fb1a4d0737c128976ca553d4bb (patch) | |
| tree | 7394e2a1fb800e76b2e68ce04306b4c5c9f56ba3 | |
| parent | 8c6b3080c2e978c0b4422555baedeca97f678bbf (diff) | |
| download | rpg-11d989c3956979fb1a4d0737c128976ca553d4bb.tar.gz rpg-11d989c3956979fb1a4d0737c128976ca553d4bb.tar.bz2 | |
XSS bugfix #820
darcs-hash:20060531191114-7ad00-ee7498f6a9e047fc9eda5f8754f85d9b8a3317d5.gz
| -rw-r--r-- | inc/auth.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/inc/auth.php b/inc/auth.php index 264a1a5fa..a61e08ad5 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -458,8 +458,8 @@ function register(){ $_POST['login'] = preg_replace('/.*:/','',$_POST['login']); $_POST['login'] = cleanID($_POST['login']); //clean fullname and email - $_POST['fullname'] = trim(str_replace(':','',$_POST['fullname'])); - $_POST['email'] = trim(str_replace(':','',$_POST['email'])); + $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['fullname'])); + $_POST['email'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['email'])); if( empty($_POST['login']) || empty($_POST['fullname']) || @@ -533,8 +533,8 @@ function updateprofile() { } //clean fullname and email - $_POST['fullname'] = trim(str_replace(':','',$_POST['fullname'])); - $_POST['email'] = trim(str_replace(':','',$_POST['email'])); + $_POST['fullname'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['fullname'])); + $_POST['email'] = trim(preg_replace('/[\x00-\x1f:<>&%]+/','',$_POST['email'])); if (empty($_POST['fullname']) || empty($_POST['email'])) { msg($lang['profnoempty'],-1); |