Make sure there is never posted data on GET requests

This is an addition to the previous patch to make sure there can not accidentally $data be passed on a GET request. darcs-hash:20080331223807-7ad00-0f03763f15a9d907da6a53ed8b3c3e55b906fbc7.gz
author: Andreas Gohr <andi@splitbrain.org> 2008-04-01 00:38:07 +0200
committer: Andreas Gohr <andi@splitbrain.org> 2008-04-01 00:38:07 +0200
commit: 197e18727f7040bd95955282099e937995897f5d (patch)
tree: f737b42755cc5cc1ef91ed41a00e021bbbd83a35 /inc/HTTPClient.php
parent: 246fab0949d4f415f5b0a9c7fa46e23c0924dbcb (diff)
download: rpg-197e18727f7040bd95955282099e937995897f5d.tar.gz
rpg-197e18727f7040bd95955282099e937995897f5d.tar.bz2
1 files changed, 2 insertions, 0 deletions
diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php
index e263989a4..ed0a3aec6 100644
--- a/inc/HTTPClient.php
+++ b/inc/HTTPClient.php
@@ -197,6 +197,8 @@ class HTTPClient {
             }
             $headers['Content-Length'] = strlen($data);
             $rmethod = 'POST';
+        }elseif($method == 'GET'){
+            $data = ''; //no data allowed on GET requests
         }
         if($this->user) {
             $headers['Authorization'] = 'Basic '.base64_encode($this->user.':'.$this->pass);
author	Andreas Gohr <andi@splitbrain.org>	2008-04-01 00:38:07 +0200
committer	Andreas Gohr <andi@splitbrain.org>	2008-04-01 00:38:07 +0200
commit	197e18727f7040bd95955282099e937995897f5d (patch)
tree	f737b42755cc5cc1ef91ed41a00e021bbbd83a35 /inc/HTTPClient.php
parent	246fab0949d4f415f5b0a9c7fa46e23c0924dbcb (diff)
download	rpg-197e18727f7040bd95955282099e937995897f5d.tar.gz rpg-197e18727f7040bd95955282099e937995897f5d.tar.bz2