Improved register_globals
This commit is contained in:
parent
745da10a47
commit
770e67c7bc
1 changed files with 18 additions and 16 deletions
34
www/wot.php
34
www/wot.php
|
@ -26,6 +26,8 @@
|
|||
if(array_key_exists('location',$_POST) && $_POST['location'] != "")
|
||||
$_SESSION['_config']['location'] = $_POST['location'];
|
||||
|
||||
$oldid=array_key_exists('oldid',$_REQUEST)?intval($_REQUEST['oldid']):0;
|
||||
|
||||
if($oldid == 12)
|
||||
{
|
||||
$id = $oldid;
|
||||
|
@ -41,11 +43,11 @@
|
|||
|
||||
if($oldid == 6 && intval($_SESSION['_config']['notarise']['id']) <= 0)
|
||||
{
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$id = 5;
|
||||
}
|
||||
|
||||
if($oldid == 5 && $_POST['reminder'] != "")
|
||||
if($oldid == 5 && array_key_exists('reminder',$_POST) && $_POST['reminder'] != "")
|
||||
{
|
||||
$body = "";
|
||||
if($_POST['reminder-lang'] != "" && $_POST['reminder-lang'] != "en_AU")
|
||||
|
@ -80,7 +82,7 @@
|
|||
$_SESSION['_config']['error'] = _("A reminder notice has been sent.");
|
||||
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
}
|
||||
|
||||
if($oldid == 5)
|
||||
|
@ -91,7 +93,7 @@
|
|||
if(mysql_num_rows($res) != 1)
|
||||
{
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$_SESSION['_config']['error'] = _("I'm sorry, there was no email matching what you entered in the system. Please double check your information.");
|
||||
$_SESSION['_config']['noemailfound'] = 1;
|
||||
} else {
|
||||
|
@ -101,7 +103,7 @@
|
|||
|
||||
if($oldid == 5 || $oldid == 6)
|
||||
{
|
||||
if($_REQUEST['cancel'] != "")
|
||||
if(array_key_exists('cancel',$_REQUEST) && $_REQUEST['cancel'] != "")
|
||||
{
|
||||
header("location: wot.php");
|
||||
exit;
|
||||
|
@ -110,7 +112,7 @@
|
|||
if($_SESSION['_config']['notarise']['id'] == $_SESSION['profile']['id'])
|
||||
{
|
||||
$id = 5;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$_SESSION['_config']['error'] = _("You are never allowed to Assure yourself!");
|
||||
}
|
||||
}
|
||||
|
@ -124,7 +126,7 @@
|
|||
if(mysql_num_rows($res) > 0 && $_SESSION['profile']['points'] < 200)
|
||||
{
|
||||
$id = 5;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$_SESSION['_config']['error'] = _("You are only allowed to Assure someone once!");
|
||||
} elseif($oldid == 5) {
|
||||
$id = 6;
|
||||
|
@ -153,17 +155,17 @@
|
|||
|
||||
if($oldid == 6)
|
||||
{
|
||||
if($_POST['assertion'] != 1 || $_POST['rules'] != 1)
|
||||
if(!array_key_exists('assertion',$_POST) || $_POST['assertion'] != 1 || !array_key_exists('rules',$_POST) || $_POST['rules'] != 1)
|
||||
{
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert");
|
||||
}
|
||||
|
||||
if($_POST['certify'] != 1 && $_SESSION['profile']['ttpadmin'] != 1)
|
||||
{
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert");
|
||||
}
|
||||
}
|
||||
|
@ -173,7 +175,7 @@
|
|||
if($_POST['location'] == "")
|
||||
{
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$_SESSION['_config']['error'] = _("You failed to enter a location of your meeting.");
|
||||
}
|
||||
}
|
||||
|
@ -187,7 +189,7 @@
|
|||
if($_SESSION['_config']['wothash'] != md5($name."-".$row['dob']) || $_SESSION['_config']['wothash'] != $_REQUEST['pagehash'])
|
||||
{
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$_SESSION['_config']['error'] = _("Race condition discovered, user altered details during assurance procedure. PLEASE MAKE SURE THE NEW DETAILS BELOW MATCH THE ID DOCUMENTS.");
|
||||
}
|
||||
}
|
||||
|
@ -195,7 +197,7 @@
|
|||
if($oldid == 6 && $_REQUEST['points'] == "")
|
||||
{
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$_SESSION['_config']['error'] = _("You must enter the number of points you wish to allocate to this person.");
|
||||
}
|
||||
|
||||
|
@ -269,7 +271,7 @@
|
|||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$_SESSION['_config']['error'] = _("Identical Assurance attempted, will not continue.");
|
||||
}
|
||||
}
|
||||
|
@ -426,7 +428,7 @@
|
|||
{
|
||||
if($_SESSION['_config']['pagehash'] != $_REQUEST['pageid'])
|
||||
{
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$id = 9;
|
||||
$error = _("It looks like you were trying to contact multiple people, this isn't allowed due to data security reasons.");
|
||||
} else {
|
||||
|
@ -453,7 +455,7 @@
|
|||
}
|
||||
}
|
||||
} elseif($oldid == 9) {
|
||||
unset($oldid);
|
||||
$oldid=0;
|
||||
$error = _("There was an error and I couldn't proceed");
|
||||
$id = 9;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue