cacert
/
cacert-webdb
9
0
Fork 0
Code Issues Pull Requests 5 Projects Releases 3 Wiki Activity

Improved register_globals

Browse Source
pull/1/head
root 16 years ago
parent 8000fa8754
commit 25c01c726f
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File

12
www/index.php
Unescape Escape View File

@ -49,7 +49,7 @@
$qs = array(); $qs = array();
$id = $oldid; $id = $oldid;
$oldid = 0; $oldid = 0;
if($_REQUEST['Q1']) if(array_key_exists('Q1',$_REQUEST) && $_REQUEST['Q1'])
{ {
$_SESSION['lostpw']['A1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A1'])))); $_SESSION['lostpw']['A1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
@ -57,7 +57,7 @@
$answers++; $answers++;
$body .= "System: ".$_SESSION['lostpw']['user']['A1']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A1']))."\n"; $body .= "System: ".$_SESSION['lostpw']['user']['A1']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A1']))."\n";
} }
if($_REQUEST['Q2']) if(array_key_exists('Q2',$_REQUEST) && $_REQUEST['Q2'])
{ {
$_SESSION['lostpw']['A2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A2'])))); $_SESSION['lostpw']['A2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
@ -65,7 +65,7 @@
$answers++; $answers++;
$body .= "System: ".$_SESSION['lostpw']['user']['A2']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A2']))."\n"; $body .= "System: ".$_SESSION['lostpw']['user']['A2']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A2']))."\n";
} }
if($_REQUEST['Q3']) if(array_key_exists('Q3',$_REQUEST) && $_REQUEST['Q3'])
{ {
$_SESSION['lostpw']['A3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A3'])))); $_SESSION['lostpw']['A3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
@ -73,7 +73,7 @@
$answers++; $answers++;
$body .= "System: ".$_SESSION['lostpw']['user']['A3']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A3']))."\n"; $body .= "System: ".$_SESSION['lostpw']['user']['A3']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A3']))."\n";
} }
if($_REQUEST['Q4']) if(array_key_exists('Q4',$_REQUEST) && $_REQUEST['Q4'])
{ {
$_SESSION['lostpw']['A4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A4'])))); $_SESSION['lostpw']['A4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
@ -81,7 +81,7 @@
$answers++; $answers++;
$body .= "System: ".$_SESSION['lostpw']['user']['A4']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A4']))."\n"; $body .= "System: ".$_SESSION['lostpw']['user']['A4']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A4']))."\n";
} }
if($_REQUEST['Q5']) if(array_key_exists('Q5',$_REQUEST) && $_REQUEST['Q5'])
{ {
$_SESSION['lostpw']['A5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A5'])))); $_SESSION['lostpw']['A5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
@ -99,7 +99,7 @@
"Username(ID): ".$_SESSION['lostpw']['user']['email']."(".$_SESSION['lostpw']['user']['id'].")\n". "Username(ID): ".$_SESSION['lostpw']['user']['email']."(".$_SESSION['lostpw']['user']['id'].")\n".
"email: ".$_SESSION['lostpw']['user']['email']."\n". "email: ".$_SESSION['lostpw']['user']['email']."\n".
"Requested Pass Phrase: ".$_SESSION['lostpw']['pw1']."\n". "Requested Pass Phrase: ".$_SESSION['lostpw']['pw1']."\n".
"IP/Hostname: ".$_SERVER['REMOTE_ADDR']."/".$_SERVER['REMOTE_HOST']."\n". "IP/Hostname: ".$_SERVER['REMOTE_ADDR'].(array_key_exists('REMOTE_HOST',$_SERVER)?"/".$_SERVER['REMOTE_HOST']:"")."\n".
"---------------------------------------------------------------------\n".$body. "---------------------------------------------------------------------\n".$body.
"---------------------------------------------------------------------\n"; "---------------------------------------------------------------------\n";
sendmail("support@cacert.org", "[CAcert.org] Requested Pass Phrase Change", $body, sendmail("support@cacert.org", "[CAcert.org] Requested Pass Phrase Change", $body,

Write Preview
Loading…
Cancel
Save