[core] use filter_input() instead of direct access to $_REQUEST

Signed-off-by: Pierre Mazière <pierre.maziere@gmx.com>
Pierre Mazière 2016-08-23 14:22:02 +02:00
parent b3af604cc1
commit 13285f080a


@ -91,15 +91,13 @@ try{
Format::setDir(__DIR__ . '/formats/'); Format::setDir(__DIR__ . '/formats/');
Cache::setDir(__DIR__ . '/caches/'); Cache::setDir(__DIR__ . '/caches/');
if( isset($_REQUEST) && isset($_REQUEST['action']) ){ $action=filter_input(INPUT_GET,'action');
switch($_REQUEST['action']){ $bridge=filter_input(INPUT_GET,'bridge');
case 'display': if($action === 'display' && !empty($bridge)){
if( isset($_REQUEST['bridge']) ){ unset($_REQUEST['action']);
unset($_REQUEST['action']); unset($_REQUEST['bridge']);
$bridge = $_REQUEST['bridge']; $format = $_REQUEST['format'];
unset($_REQUEST['bridge']); unset($_REQUEST['format']);
$format = $_REQUEST['format'];
unset($_REQUEST['format']);
// whitelist control // whitelist control
if(!Bridge::isWhitelisted($whitelist_selection, $bridge)) { if(!Bridge::isWhitelisted($whitelist_selection, $bridge)) {
@ -115,9 +113,9 @@ try{
} else { } else {
$bridge->setCache($cache); // just add disable cache to your query to disable caching $bridge->setCache($cache); // just add disable cache to your query to disable caching
} }
if(defined('PROXY_URL') && PROXY_BYBRIDGE &&
isset($_REQUEST['_noproxy']) $noproxy=filter_input(INPUT_GET,'_noproxy');
){ if(defined('PROXY_URL') && PROXY_BYBRIDGE && !empty($noproxy)){
$bridge->useProxy=false; $bridge->useProxy=false;
} }
$bridge->loadMetadatas(); $bridge->loadMetadatas();
@ -138,10 +136,8 @@ try{
} }
die; die;
}
break; }
}
}
} }
catch(HttpException $e){ catch(HttpException $e){
header('HTTP/1.1 ' . $e->getCode() . ' ' . Http::getMessageForCode($e->getCode())); header('HTTP/1.1 ' . $e->getCode() . ' ' . Http::getMessageForCode($e->getCode()));
@ -173,7 +169,7 @@ $formats = Format::searchInformation();
</header> </header>
<?php <?php
$activeFoundBridgeCount = 0; $activeFoundBridgeCount = 0;
$showInactive = isset($_REQUEST['show_inactive']) && $_REQUEST['show_inactive'] == 1; $showInactive = filter_input(INPUT_GET,'show_inactive',FILTER_VALIDATE_BOOLEAN);
$inactiveBridges = ''; $inactiveBridges = '';
$bridgeList = Bridge::listBridges(); $bridgeList = Bridge::listBridges();
foreach($bridgeList as $bridgeName) foreach($bridgeList as $bridgeName)
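Review bot: In the first hunk (`@ -91,15 +91,13`) the new side still reads `$format = $_REQUEST['format'];` directly and without a presence check. `action` and `bridge` are now taken from the query string only, while `format` can still arrive through any source merged into `$_REQUEST`, and a request that omits it raises an undefined-index notice. I would read it the same way as the other two, `$format=filter_input(INPUT_GET,'format');`, and add `!empty($format)` to the guard or fail explicitly when it is missing. Separately, `filter_input()` called without a filter argument applies the default filter, which normally passes a scalar string through unchanged, so `Bridge::isWhitelisted()` remains the only validation of `$bridge`; a short comment such as `// filter_input() here does not validate content; the whitelist check below does` would stop the call being mistaken for sanitisation. The enclosing `try` block starts before the hunk, and how `$format` is used afterwards is outside the visible lines.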