![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/admin/fai/class_faiVariableEntry.inc b/plugins/admin/fai/class_faiVariableEntry.inc
index 3f993cb90c9c0a4bdd56f19364261976074734b6..44780047c8add96fad704f6aa30a5d4d81600586 100644 (file)
$smarty = get_smarty();
$display = "";
+ /* Magic quotes GPC, escapes every ' " \, to solve some security risks
+ * If we post the escaped strings they will be escaped again
+ */
foreach($this->attributes as $attrs){
- $smarty->assign($attrs,stripslashes($this->$attrs));
+ if(get_magic_quotes_gpc()){
+ $smarty->assign($attrs,stripslashes($this->$attrs));
+ }else{
+ $smarty->assign($attrs,($this->$attrs));
+ }
}
for($i =1 ; $i <= 100 ; $i++){
{
$message= array();
- $str = utf8_encode("üöä");
if(empty($this->Object_FAIvariableContent)) {
$message[]=_("Please specify a value for the attribute 'content'.");
}
- if(empty($this->Object_description)){
- $message[] = _("Please enter a description.");
- }
-
- if(preg_match("/[^a-z0-9".$str."\.,;:\-_\? ]/i",$this->Object_description)){
- $message[] = _("Invalid character in description. Please enter a valid description.");
- }
-
if(empty($this->Object_cn)){
$message[] = _("Please enter a name.");
}