Fixed register_globals issue. Some more work to secure the contact form is needed
This commit is contained in:
parent
f3f440ea18
commit
1f743f9e81
1 changed files with 13 additions and 10 deletions
|
@ -17,6 +17,8 @@
|
|||
*/ ?>
|
||||
<?
|
||||
include("../includes/account.php");
|
||||
$id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
|
||||
$oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']);
|
||||
|
||||
if($id == 6)
|
||||
{
|
||||
|
@ -25,11 +27,11 @@
|
|||
} else if($id == 19) {
|
||||
include_once("../pages/account/19.php");
|
||||
exit;
|
||||
} else if($oldid == 40 && $process != "" && $_POST['support'] != "yes") {
|
||||
$who = stripslashes($who);
|
||||
$email = stripslashes($email);
|
||||
$subject = stripslashes($subject);
|
||||
$message = stripslashes($message);
|
||||
} else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] != "yes") {
|
||||
$who = stripslashes($_REQUEST['who']);
|
||||
$email = stripslashes($_REQUEST['email']);
|
||||
$subject = stripslashes($_REQUEST['subject']);
|
||||
$message = stripslashes($_REQUEST['message']);
|
||||
|
||||
$message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
|
||||
|
||||
|
@ -38,11 +40,12 @@
|
|||
echo _("Your message has been sent.");
|
||||
showfooter();
|
||||
exit;
|
||||
} else if($oldid == 40 && $process != "" && $_POST['support'] == "yes") {
|
||||
$who = stripslashes($who);
|
||||
$email = stripslashes($email);
|
||||
$subject = stripslashes($subject);
|
||||
$message = stripslashes($message);
|
||||
} else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] == "yes") {
|
||||
$who = stripslashes($_REQUEST['who']);
|
||||
$email = stripslashes($_REQUEST['email']);
|
||||
$subject = stripslashes($_REQUEST['subject']);
|
||||
$message = stripslashes($_REQUEST['message']);
|
||||
|
||||
|
||||
$message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
|
||||
|
||||
|
|
Loading…
Reference in a new issue