Mod-security doesn't like '+' in queries. Debug query now uses '!'

2025-01-17 04:38:27 +01:00 · 2020-12-22 15:17:29 -08:00 · 2020-12-22 15:17:29 -08:00 · 3c57f3fa96
commit 3c57f3fa96
parent 402d1f4126
3 changed files with 7 additions and 7 deletions
--- a/e107_core/shortcodes/batch/admin_shortcodes.php
+++ b/e107_core/shortcodes/batch/admin_shortcodes.php
@ -785,11 +785,11 @@ class admin_shortcodes
 					$after = '';
 				}

-				$link = $before."?[debug=".$var."+]".$after;
+				$link = $before."?[debug=".$var."!]".$after;
 			}
 			else
 			{
-				$link = e_REQUEST_URI."?[debug=".$var."+]";
+				$link = e_REQUEST_URI."?[debug=".$var."!]";
 			}

 			if(in_array($var,$dividerBefore))
--- a/e107_handlers/debug_handler.php
+++ b/e107_handlers/debug_handler.php
@ -100,7 +100,7 @@ class e107_debug {
 		if(deftrue('e_MENU'))
 		{
 			list($tmp,$alias) = explode('=', e_MENU);
-			return str_replace(['+','-', '0', '1'],'',$alias);
+			return str_replace(['!','+','-', '0', '1'],'',$alias);
 		}

 		if(empty($_COOKIE['e107_debug_level']))
@ -140,7 +140,7 @@ class e107_debug {
            return false;
        }

-        if (preg_match('/debug(=?)(.*?),?(\+|stick|-|unstick|$)/', e_MENU, $debug_param) || isset($_COOKIE['e107_debug_level']))
+        if (preg_match('/debug(=?)(.*?),?(!|\+|stick|-|unstick|$)/', e_MENU, $debug_param) || isset($_COOKIE['e107_debug_level']))
        {
            $dVals = '';
            if (!isset($debug_param[1]) || ($debug_param[1] == '')) $debug_param[1] = '=';
@ -149,7 +149,7 @@ class e107_debug {
                $dVals = substr($_COOKIE['e107_debug_level'], 6);
            }

-            if (preg_match('/debug(=?)(.*?),?(\+|stick|-|unstick|$)/', e_MENU))
+            if (preg_match('/debug(=?)(.*?),?(!|\+|stick|-|unstick|$)/', e_MENU))
            {
                $dVals = $debug_param[1] == '=' ? $debug_param[2] : 'everything';
            }
@ -172,7 +172,7 @@ class e107_debug {

            if (isset($debug_param[3]))
            {
-                if ($debug_param[3] == '+' || $debug_param[3] == 'stick')
+                if ($debug_param[3] == '!' || $debug_param[3] == '+' || $debug_param[3] == 'stick')
                {
                    cookie('e107_debug_level', 'level=' . $dVal, time() + 86400);
                }
--- a/install.php
+++ b/install.php
@ -256,7 +256,7 @@ if(isset($_POST['previous_steps']))
 	$tmp = unserialize(base64_decode($_POST['previous_steps']));

 	// Save unfiltered admin password (#4004) - " are transformed into &#34;
-	$tmpadminpass1 = $tmp['admin']['password']; 
+	$tmpadminpass1 = !empty($tmp['admin']['password']) ? $tmp['admin']['password'] : '';
 	
 	$tmp = filter_var_array($tmp, FILTER_SANITIZE_STRING);