From acbb8dff1439b0d05709a93fff356e7f6b829da6 Mon Sep 17 00:00:00 2001 From: Ludovic Pouzenc Date: Wed, 30 Oct 2013 14:04:56 +0100 Subject: INI et Unicode. Avancée sur fonctions AJAX et trados. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- code/admin/ajax.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'code/admin/ajax.php') diff --git a/code/admin/ajax.php b/code/admin/ajax.php index 0893843..fd6dab5 100644 --- a/code/admin/ajax.php +++ b/code/admin/ajax.php @@ -15,11 +15,12 @@ } function save_page_props($path) { - //TODO : Should validate props here also... $props=load_page_props($path); foreach ( array('page_title', 'page_description', 'page_keywords') as $k ) { - if ( array_key_exists($k,$_GET) ) $props[$k]=$_GET[$k]; + if ( array_key_exists($k,$_GET) ) { + $props[$k]= sanitize($_GET, $k, RE_TEXT_LINE_CLEANER, ''); + } } $ini_path="content/$path/props.ini"; @@ -31,8 +32,8 @@ } // URL params clean-up - $action=sanitize($_GET, 'action', '/[^a-z_]+/', 'none'); /* Could be : load_page_props, load_media_props... */ - $path=sanitize($_GET, 'path', '/[^a-z0-9\/]+/', ''); // Never put \. in this regex + $action=sanitize($_GET, 'action', RE_IDENTIFIER_CLEANER, 'none'); /* Could be : load_page_props, load_media_props... */ + $path = sanitize($_GET, 'path', RE_RELPATH_CLEANER, ''); switch($action) { case 'load_page_props': -- cgit v1.2.3