diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2008-10-02 12:04:12 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2008-10-02 12:04:12 +0000 |
| commit | 2c1d80c75a3f41517090004e59f1e04a21437cc8 (patch) | |
| tree | b8314c50975c595b8f4b4e72211ae8809ccae985 /phpBB/includes/functions.php | |
| parent | ed4797bb4e495d500790f1b21a5fb58b18e8d27d (diff) | |
| download | forums-2c1d80c75a3f41517090004e59f1e04a21437cc8.tar forums-2c1d80c75a3f41517090004e59f1e04a21437cc8.tar.gz forums-2c1d80c75a3f41517090004e59f1e04a21437cc8.tar.bz2 forums-2c1d80c75a3f41517090004e59f1e04a21437cc8.tar.xz forums-2c1d80c75a3f41517090004e59f1e04a21437cc8.zip | |
Remove NUL-Bytes directly in request_var() for strings and within the custom DBAL sql_escape() functions (MSSQL, Firebird, Oracle) (reported by AdhostMikeSw)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8967 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 0c5daa9231..862314aba9 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -32,7 +32,7 @@ function set_var(&$result, $var, $type, $multibyte = false) if ($type == 'string') { - $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r"), array("\n", "\n"), $result), ENT_COMPAT, 'UTF-8')); + $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8')); if (!empty($result)) { |