diff options
| author | filip <filip.komar@gmail.com> | 2016-01-01 20:08:12 +0100 |
|---|---|---|
| committer | filip <filip.komar@gmail.com> | 2016-01-01 20:08:12 +0100 |
| commit | 3d8f76092f0c77b3d0d4da2f4fb2f311f7fbb430 (patch) | |
| tree | d2dbad78be9a52f9e9f5e85b4fa839a20f22aa06 /langs/report_tx_git.php | |
| parent | 9e4a7ba2d2e17ef22c1262dd6fdb523f4911173f (diff) | |
| download | www-3d8f76092f0c77b3d0d4da2f4fb2f311f7fbb430.tar www-3d8f76092f0c77b3d0d4da2f4fb2f311f7fbb430.tar.gz www-3d8f76092f0c77b3d0d4da2f4fb2f311f7fbb430.tar.bz2 www-3d8f76092f0c77b3d0d4da2f4fb2f311f7fbb430.tar.xz www-3d8f76092f0c77b3d0d4da2f4fb2f311f7fbb430.zip | |
use provided function for user inputs check
Diffstat (limited to 'langs/report_tx_git.php')
| -rw-r--r-- | langs/report_tx_git.php | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/langs/report_tx_git.php b/langs/report_tx_git.php index 10e09ea63..44e986082 100644 --- a/langs/report_tx_git.php +++ b/langs/report_tx_git.php @@ -36,14 +36,14 @@ define('HLANG', TRUE); include 'lib.php'; $errors = array(); // stored for error management ;) -$c = (isset($_GET['c']) ? strip_tags(trim($_GET['c'])) : ''); +$c = (string) filter_input(INPUT_GET, 'c', FILTER_SANITIZE_STRING); if (in_array($c, array('Webpages', 'Documentation', 'Cauldron'))) { $resource_type = $c; // filter only valid resource types } else { $resource_type = 'Webpages'; // default } if (isset($_GET['l'])) { - $wanted_language = strip_tags(trim($_GET['l'])); + $wanted_language = (string) filter_input(INPUT_GET, 'l', FILTER_SANITIZE_STRING); $wanted_lang_name = get_language_name($wanted_language) . " ("; $wanted_lang_name .= build_transifex_link($wanted_language, NULL, $resource_type) . ")"; } else { @@ -55,7 +55,10 @@ if (isset($_GET['l'])) { // sr@latin vs. sr@latin.po exception: http://gitweb.mageia.org/software/i18n/system-config-printer/plain/po // uz@Cyrl vs. uz@cyrillic.po // en_GB vs. en_gb.po exception: http://gitweb.mageia.org/web/identity/plain/lib/CatDap/I18N -$wanted_resource = (isset($_GET['r']) ? strip_tags(trim($_GET['r'])) : NULL); +$wanted_resource = (string) filter_input(INPUT_GET, 'r', FILTER_SANITIZE_STRING); +if (empty($wanted_resource)) { + $wanted_resource = NULL; +} if ('Documentation' == $resource_type) { $git_resources = array( |