diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2008-10-02 12:05:13 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2008-10-02 12:05:13 +0000 |
| commit | 9a7804cb717850afe209c347b05b957b72d866fb (patch) | |
| tree | cffd399498537ed93d8efe6b2100b8bcfdbefc42 /phpBB/includes/functions.php | |
| parent | 8f2b4562b1523c028781286a63947bfd44f79c7c (diff) | |
| download | forums-9a7804cb717850afe209c347b05b957b72d866fb.tar forums-9a7804cb717850afe209c347b05b957b72d866fb.tar.gz forums-9a7804cb717850afe209c347b05b957b72d866fb.tar.bz2 forums-9a7804cb717850afe209c347b05b957b72d866fb.tar.xz forums-9a7804cb717850afe209c347b05b957b72d866fb.zip | |
[Change] Remove NUL-Bytes directly in request_var() for strings and within the custom DBAL sql_escape() functions (MSSQL, Firebird, Oracle) (reported by AdhostMikeSw)
git-svn-id: file:///svn/phpbb/trunk@8968 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index ca8e71906a..7bfbda394b 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -32,7 +32,7 @@ function set_var(&$result, $var, $type, $multibyte = false) if ($type == 'string') { - $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r"), array("\n", "\n"), $result), ENT_COMPAT, 'UTF-8')); + $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8')); if (!empty($result)) { |