diff options
| author | cassiopc <cassiopc@gmail.com> | 2018-08-23 14:25:32 +0000 |
|---|---|---|
| committer | cassiopc <cassiopc@gmail.com> | 2018-08-23 14:25:32 +0000 |
| commit | e186493a2bd8fef5fc0c7ad47edefbabddb6f0ab (patch) | |
| tree | 700622a2ad1516a7d3a1b0184f07c7087b2ce7bd /src/globals.php | |
| parent | 25e1cce50cc8c7cbbedc38675dd71e8a9944f451 (diff) | |
| download | boca-e186493a2bd8fef5fc0c7ad47edefbabddb6f0ab.tar.gz boca-e186493a2bd8fef5fc0c7ad47edefbabddb6f0ab.zip | |
improvements of scripts and fixes about urls
Diffstat (limited to 'src/globals.php')
| -rwxr-xr-x | src/globals.php | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/src/globals.php b/src/globals.php index fbbecce..f49d26b 100755 --- a/src/globals.php +++ b/src/globals.php @@ -32,12 +32,20 @@ function sanitizeVariables(&$item, $key) } } +function myrawurlencode($txt) { + return(rawurlencode(base64_encode($txt))); +} + +function myrawurldecode($txt) { + return(rawurldecode(base64_encode($txt))); +} + function filedownload($oid,$fname,$msg='') { $cf = globalconf(); - $if = rawurlencode(encryptData($fname, session_id() . $cf['key'],false)); + $if = myrawurlencode(encryptData($fname, session_id() . $cf['key'],false)); $p = myhash($oid . $fname . $msg . session_id() . $cf["key"]); $str = "oid=". $oid . "&filename=". $if . "&check=" . $p; - if($msg != '') $str .= "&msg=" . rawurlencode($msg); + if($msg != '') $str .= "&msg=" . myrawurlencode($msg); return $str; } function dirrec($dir, $user, $group, $dirPermissions, $filePermissions, $avoid=array()) { @@ -217,6 +225,8 @@ function sanitizeFilename($text) } function unsanitizeText($text) { + $text = str_replace("<", "<", $text); + $text = str_replace(">", ">", $text); $text = str_replace("&", "&", $text); return $text; } |