cacert
/
cacert-webdb
8
0
Fork 0
Code Issues Pull Requests 7 Projects Releases 2 Wiki Activity

Improved register_globals

Browse Source
pull/1/head
root 16 years ago
parent 8000fa8754
commit 25c01c726f
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File

12
www/index.php
Unescape Escape View File

@ -49,7 +49,7 @@
$qs = array();
$id = $oldid;
$oldid = 0;
if($_REQUEST['Q1'])
if(array_key_exists('Q1',$_REQUEST) && $_REQUEST['Q1'])
{
$_SESSION['lostpw']['A1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
@ -57,7 +57,7 @@
$answers++;
$body .= "System: ".$_SESSION['lostpw']['user']['A1']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A1']))."\n";
}
if($_REQUEST['Q2'])
if(array_key_exists('Q2',$_REQUEST) && $_REQUEST['Q2'])
{
$_SESSION['lostpw']['A2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
@ -65,7 +65,7 @@
$answers++;
$body .= "System: ".$_SESSION['lostpw']['user']['A2']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A2']))."\n";
}
if($_REQUEST['Q3'])
if(array_key_exists('Q3',$_REQUEST) && $_REQUEST['Q3'])
{
$_SESSION['lostpw']['A3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
@ -73,7 +73,7 @@
$answers++;
$body .= "System: ".$_SESSION['lostpw']['user']['A3']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A3']))."\n";
}
if($_REQUEST['Q4'])
if(array_key_exists('Q4',$_REQUEST) && $_REQUEST['Q4'])
{
$_SESSION['lostpw']['A4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
@ -81,7 +81,7 @@
$answers++;
$body .= "System: ".$_SESSION['lostpw']['user']['A4']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A4']))."\n";
}
if($_REQUEST['Q5'])
if(array_key_exists('Q5',$_REQUEST) && $_REQUEST['Q5'])
{
$_SESSION['lostpw']['A5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
@ -99,7 +99,7 @@
"Username(ID): ".$_SESSION['lostpw']['user']['email']."(".$_SESSION['lostpw']['user']['id'].")\n".
"email: ".$_SESSION['lostpw']['user']['email']."\n".
"Requested Pass Phrase: ".$_SESSION['lostpw']['pw1']."\n".
"IP/Hostname: ".$_SERVER['REMOTE_ADDR']."/".$_SERVER['REMOTE_HOST']."\n".
"IP/Hostname: ".$_SERVER['REMOTE_ADDR'].(array_key_exists('REMOTE_HOST',$_SERVER)?"/".$_SERVER['REMOTE_HOST']:"")."\n".
"---------------------------------------------------------------------\n".$body.
"---------------------------------------------------------------------\n";
sendmail("support@cacert.org", "[CAcert.org] Requested Pass Phrase Change", $body,

Write Preview
Loading…
Cancel
Save