diff options
| author | Cassio de Campos <cassiopc@gmail.com> | 2018-08-24 18:49:51 +0000 |
|---|---|---|
| committer | Cassio de Campos <cassiopc@gmail.com> | 2018-08-24 18:49:51 +0000 |
| commit | 9a5387bd2637cdc9fb0496d094e503e484be10e9 (patch) | |
| tree | f3066cb67a237f426c5b219ad19a906cb2dffd85 /src/globals.php | |
| parent | 3cffb81354aac30059bef53406b6dcb96e262782 (diff) | |
| parent | e186493a2bd8fef5fc0c7ad47edefbabddb6f0ab (diff) | |
| download | boca-9a5387bd2637cdc9fb0496d094e503e484be10e9.tar.gz boca-9a5387bd2637cdc9fb0496d094e503e484be10e9.zip | |
Merge branch 'develc' of ssh://github.com/cassiopc/boca into develc
Diffstat (limited to 'src/globals.php')
| -rwxr-xr-x | src/globals.php | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/src/globals.php b/src/globals.php index fbbecce..f49d26b 100755 --- a/src/globals.php +++ b/src/globals.php @@ -32,12 +32,20 @@ function sanitizeVariables(&$item, $key) } } +function myrawurlencode($txt) { + return(rawurlencode(base64_encode($txt))); +} + +function myrawurldecode($txt) { + return(rawurldecode(base64_encode($txt))); +} + function filedownload($oid,$fname,$msg='') { $cf = globalconf(); - $if = rawurlencode(encryptData($fname, session_id() . $cf['key'],false)); + $if = myrawurlencode(encryptData($fname, session_id() . $cf['key'],false)); $p = myhash($oid . $fname . $msg . session_id() . $cf["key"]); $str = "oid=". $oid . "&filename=". $if . "&check=" . $p; - if($msg != '') $str .= "&msg=" . rawurlencode($msg); + if($msg != '') $str .= "&msg=" . myrawurlencode($msg); return $str; } function dirrec($dir, $user, $group, $dirPermissions, $filePermissions, $avoid=array()) { @@ -217,6 +225,8 @@ function sanitizeFilename($text) } function unsanitizeText($text) { + $text = str_replace("<", "<", $text); + $text = str_replace(">", ">", $text); $text = str_replace("&", "&", $text); return $text; } |