mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-05-01 17:57:56 +02:00
Code Issues Releases Wiki Activity

Debug info cleanup

Browse Source
This commit is contained in:
Cameron 2015-03-29 20:26:35 -07:00
parent e3e51fa59c
commit 899281eaaf
3 changed files with 36 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
e107_handlers/e107_class.php
View File

@ -339,12 +339,11 @@ class e107
*/
protected function _init($e107_paths, $e107_root_path, $e107_config_mysql_info, $e107_config_override = array())
{
if(empty($this->e107_dirs))
{
// Do some security checks/cleanup, prepare the environment
$this->prepare_request();
// mysql connection info
$this->e107_config_mysql_info = $e107_config_mysql_info;
@ -2766,7 +2765,7 @@ class e107
{
define('e_AJAX_REQUEST', isset($_REQUEST['ajax_used']));
}
unset($_REQUEST['ajax_used']); // removed because it's auto-appended from JS (AJAX), could break something...
//$GLOBALS['_E107'] - minimal mode - here because of the e_AJAX_REQUEST
@ -2861,6 +2860,10 @@ class e107
if(preg_match($regex,$input))
{
header('HTTP/1.0 400 Bad Request', true, 400);
if(deftrue('e_DEBUG'))
{
echo "Bad Request: ".__METHOD__." : ". __LINE__;
}
exit();
}
@ -2869,12 +2872,20 @@ class e107
if(preg_match($regex,$input))
{
header('HTTP/1.0 400 Bad Request', true, 400);
if(deftrue('e_DEBUG'))
{
echo "Bad Request: ".__METHOD__." : ". __LINE__;
}
exit();
}
if(preg_match("/system *?\((.*);.*\)/i",$input))
if(preg_match("/system\((.*);.*\)/i",$input))
{
header('HTTP/1.0 400 Bad Request', true, 400);
if(deftrue('e_DEBUG'))
{
echo "Bad Request: ".__METHOD__." : ". __LINE__;
}
exit();
}
@ -2882,6 +2893,10 @@ class e107
if(preg_match($regex,$input))
{
header('HTTP/1.0 400 Bad Request', true, 400);
if(deftrue('e_DEBUG'))
{
echo "Bad Request: ".__METHOD__." : ". __LINE__;
}
exit();
}
@ -2900,12 +2915,20 @@ class e107
{
header('HTTP/1.0 400 Bad Request', true, 400);
if(deftrue('e_DEBUG'))
{
echo "Bad Request: ".__METHOD__." : ". __LINE__;
}
exit();
}
if(($key == "HTTP_USER_AGENT") && strpos($input,"libwww-perl")!==FALSE)
{
header('HTTP/1.0 400 Bad Request', true, 400);
if(deftrue('e_DEBUG'))
{
echo "Bad Request: ".__METHOD__." : ". __LINE__;
}
exit();
}
@ -2915,6 +2938,10 @@ class e107
if(strpos(str_replace('.', '', $input), '22250738585072011') !== FALSE) // php-bug 53632
{
header('HTTP/1.0 400 Bad Request', true, 400);
if(deftrue('e_DEBUG'))
{
echo "Bad Request: ".__METHOD__." : ". __LINE__;
}
exit();
}

7
e107_handlers/e_parse_class.php
View File

@ -505,7 +505,7 @@ class e_parse extends e_parser
return $ret;
}
if (MAGIC_QUOTES_GPC == TRUE && $nostrip == FALSE)
{
@ -515,7 +515,7 @@ class e_parse extends e_parser
if ($mod != 'pReFs') //XXX We're not saving prefs.
{
$data = $this->preFilter($data); // used by bb_xxx.php toDB() functions. bb_code.php toDB() allows us to properly bypass HTML cleaning below.
if (strip_tags($data) != $data) // html tags present.
{
// return $data;
@ -1593,10 +1593,11 @@ class e_parse extends e_parser
elseif(substr($sub_blk, 0, 6) == '<style')
{
// Its a style block - just pass it through unaltered - except, do we need the line break stuff? - QUERY XXX-01
if(DB_INF_SHOW)
if(defined('DB_INF_SHOW'))
{
echo "Processing stylesheet: {$sub_blk}<br />";
}
$ret_parser .= $sub_blk;
}
else

2
e107_handlers/notify_class.php
View File

@ -40,7 +40,7 @@ class notify
{
$active = e107::getConfig()->get('notify');
if(empty($active))
if(empty($active) && e_PAGE == 'notify.php')
{
e107::getMessage()->addDebug('Notify is disabled!');
return false;