Community Add-Ons

Maintainers: mauriziomagnino

Sanitize modified for general.php
for osCommerce Online Merchant v2.2

In the file:
..\catalog\includes\functions\general.php

replace

function tep_sanitize_string($string) {
$string = ereg_replace(' +', ' ', trim($string));

return preg_replace("/[<>]/", '_', $string);
}


to


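function tep_sanitize_string($string) {
  // stock line; ereg_replace() was removed in PHP 7, where
  // preg_replace('/ +/', ' ', trim($string)) is the equivalent
  $string = ereg_replace(' +', ' ', trim($string));
  // added for security: BEGIN SANITIZE
  $string = preg_replace("/[<]/", '(' , $string);
  $string = preg_replace("/[>]/", ')' , $string);
  // "/" becomes "\"; the delimiter is escaped in the pattern and the
  // backslash is doubled in the replacement
  $string = preg_replace("/[\/]/", '\\\\' , $string);
  $string = preg_replace("/[:]/", ';' , $string);
  $string = preg_replace("/[\[]/", '(' , $string);
  $string = preg_replace("/[\]]/", ')' , $string);
  $string = preg_replace("/[{]/", '(' , $string);
  $string = preg_replace("/[}]/", ')' , $string);
  // end of security addition: END SANITIZE
  // "<" and ">" are already replaced above, so this stock line no longer changes anything
  return preg_replace("/[<>]/", '_', $string);
}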

What is it for? mauriziomagnino 16 May 2006

To change all the INPUT, for a secure result.

OLD = standard
NEW = my version

<script> OLD => script
<script> NEW => (script)
[aaa] OLD => [aaa] IDEM
[aaa] NEW => (aaa)
aa/aa OLD => aa/aa IDEM
aa/aa NEW => aa\aa
{aaa} OLD => {aaa} IDEM
{aaa} NEW => (aaa)

Only for CLIENT users, not for ADMIN!

Sanitize modified for general.php mauriziomagnino 13 May 2006
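
The old/new comparison above as a runnable script, added here as an example and not part of the add-on: `sanitize_old`, `sanitize_new`, `html_out` and the sample inputs are constructed for illustration, and `preg_replace()` stands in for `ereg_replace()`, which was removed in PHP 7. It goes beyond the table by running a URL and a string with quotes through both versions and by applying `htmlspecialchars()` at the point of output, since neither version changes `&`, `"` or `'`.

```php
<?php
// Added example, not the add-on's code. Function names are hypothetical.

// Stock v2.2 behaviour: collapse spaces, replace < and > with _.
function sanitize_old($s) {
    $s = preg_replace('/ +/', ' ', trim($s));
    return preg_replace('/[<>]/', '_', $s);
}

// The add-on's substitutions as one strtr() map. This is equivalent to the
// chained preg_replace() calls because no replacement character is itself
// a key in the map.
function sanitize_new($s) {
    $s = preg_replace('/ +/', ' ', trim($s));
    return strtr($s, array(
        '<' => '(', '>' => ')', '/' => '\\', ':' => ';',
        '[' => '(', ']' => ')', '{' => '(', '}' => ')',
    ));
}

// Encoding applied where the value is written into an HTML page,
// covering &, <, >, " and '.
function html_out($s) {
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Constructed sample inputs: the four rows of the table, plus two
// ordinary customer-style values.
$samples = array(
    '<script>',
    '[aaa]',
    'aa/aa',
    '{aaa}',
    'http://example.com/a',      // legitimate value that the new map rewrites
    'Tom & "Jerry" 5\'x3\'',     // &, " and ' pass through both versions
);

foreach ($samples as $in) {
    printf("input : %s\n", $in);
    printf("  old : %s\n", sanitize_old($in));
    printf("  new : %s\n", sanitize_new($in));
    printf("  html: %s\n\n", html_out(sanitize_new($in)));
}
```

Run it with `php` on the command line; the `html` row is the form that is safe to echo into element content or a quoted attribute.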