mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 05:50:42 +02:00
Code Issues Releases Wiki Activity

[feature/request-class] Replace direct use of GET/REQUEST with request_var.

Browse Source 
Now with $_VARs causing fatal errors we should really be able to find and
delete all of these occurances.

PHPBB3-9716
This commit is contained in:
Nils Adermann
2010-03-11 16:08:19 +01:00
parent 76e530196b
commit 6beeda79eb
2 changed files with 9 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
phpBB/includes/session.php
View File

@@ -130,7 +130,7 @@ class session
'root_script_path' => str_replace(' ', '%20', htmlspecialchars($root_script_path)),
'page' => $page,
'forum' => (isset($_REQUEST['f']) && $_REQUEST['f'] > 0) ? (int) $_REQUEST['f'] : 0,
'forum' => request_var('f', 0),
);
return $page_array;
@@ -318,7 +318,7 @@ class session
}
// Is session_id is set or session_id is set and matches the url param if required
if (!empty($this->session_id) && (!defined('NEED_SID') || (isset($_GET['sid']) && $this->session_id === $_GET['sid'])))
if (!empty($this->session_id) && (!defined('NEED_SID') || (isset($_GET['sid']) && $this->session_id === request_var('sid', ''))))
{
$sql = 'SELECT u.*, s.*
FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u
@@ -1591,11 +1591,12 @@ class user extends session
$this->add_lang($lang_set);
unset($lang_set);
if (!empty($_GET['style']) && $auth->acl_get('a_styles') && !defined('ADMIN_START'))
$style_request = request_var('style', 0);
if ($style_request && $auth->acl_get('a_styles') && !defined('ADMIN_START'))
{
global $SID, $_EXTRA_URL;
$style = request_var('style', 0);
$style = $style_request;
$SID .= '&style=' . $style;
$_EXTRA_URL = array('style=' . $style);
}