From fd785f3d32d0b299556890e9fa639d5cc1209019 Mon Sep 17 00:00:00 2001
From: filip <filip.komar@gmail.com>
Date: Thu, 7 Jul 2016 23:51:39 +0200
Subject: new function 'get sanitized string from $_GET'

---
 langs/diff.php    | 11 ++++++-----
 langs/missing.php |  6 +++---
 langs/report.php  |  8 ++++----
 3 files changed, 13 insertions(+), 12 deletions(-)

(limited to 'langs')

diff --git a/langs/diff.php b/langs/diff.php
index fcc0f93ff..f3c10b895 100644
--- a/langs/diff.php
+++ b/langs/diff.php
@@ -6,13 +6,14 @@
 define('HLANG', true);
 include 'lib.php';
 
-$source_file = isset($_GET['s']) ? strip_tags(trim($_GET['s'])) : null;
-$target_lang = isset($_GET['l']) ? strip_tags(trim($_GET['l'])) : null;
+$source_file = get_sane_string('s');
+$target_lang = get_sane_string('l');
 
-if (is_null($source_file) ||
-    is_null($target_lang)) {
+if (empty($source_file) ||
+    empty($target_lang)) {
 
-    die('kthxbai');
+    header('Location: /langs/report.php');
+    die;
 }
 
 if (!file_exists($source_file)) {
diff --git a/langs/missing.php b/langs/missing.php
index 345e9035e..881ed5e99 100644
--- a/langs/missing.php
+++ b/langs/missing.php
@@ -4,10 +4,10 @@
 define('HLANG', true);
 include 'lib.php';
 
-$s = isset($_GET['s']) ? strip_tags(trim($_GET['s'])) : null;
-$l = isset($_GET['l']) ? strip_tags(trim($_GET['l'])) : null;
+$s = get_sane_string('s');
+$l = get_sane_string('l');
 
-if (is_null($s)) {
+if (empty($s) || empty($l)) {
     header('Location: /langs/report.php');
     die;
 }
diff --git a/langs/report.php b/langs/report.php
index 74bc56f68..0f0d7c0ed 100644
--- a/langs/report.php
+++ b/langs/report.php
@@ -42,14 +42,14 @@
     define('HLANG', TRUE);
 
     include 'lib.php';
-    $one_language = isset($_GET['l']) ? strip_tags(trim($_GET['l'])) : NULL;
-    $one_resource  = isset($_GET['r']) ? strip_tags(trim($_GET['r'])) : NULL;
+    $one_language = get_sane_string('l');
+    $one_resource = get_sane_string('r');
 
     $one_language_all_resources      = FALSE;
     $all_languages_only_one_resource = FALSE;
 
     $otherLangs = get_other_langs();
-    if (isset($one_language) && $one_language != 'all') {
+    if (!empty($one_language) && $one_language != 'all') {
         if (in_array($one_language, $otherLangs)) {
             $one_language_all_resources = TRUE;
             $otherLangs = array('en', $one_language);
@@ -59,7 +59,7 @@
     }
 
     $enFiles = array_merge(array('../_nav/langs/en.pot'), get_lang_references('*.pot')); // added navigation file
-    if (isset($one_resource) && $one_resource != 'all') {
+    if (!empty($one_resource) && $one_resource != 'all') {
         if (in_array($one_resource, $enFiles)) {
             $all_languages_only_one_resource = TRUE;
             $enFiles = array($one_resource);
-- 
cgit v1.2.1