From: hickert Date: Fri, 7 Oct 2005 06:17:14 +0000 (+0000) Subject: git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@1522 594d385d-05f5-0310... X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=cc2de47023584285f289c222e64bd7c6aeb5a927;p=gosa.git git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@1522 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/plugins/admin/fai/class_faiHook.inc b/plugins/admin/fai/class_faiHook.inc index 14183bf19..12bd2b123 100644 --- a/plugins/admin/fai/class_faiHook.inc +++ b/plugins/admin/fai/class_faiHook.inc @@ -154,11 +154,19 @@ class faiHook extends plugin $smarty->assign("SubObjects",$this->getList()); $smarty->assign("SubObjectKeys",array_flip($this->getList())); - /* Assign variables */ + + /* Magic quotes GPC, escapes every ' " \, to solve some security risks + * If we post the escaped strings they will be escaped again + */ foreach($this->attributes as $attrs){ - $smarty->assign($attrs,$this->$attrs); + if(get_magic_quotes_gpc()){ + $smarty->assign($attrs,stripslashes($this->$attrs)); + }else{ + $smarty->assign($attrs,($this->$attrs)); + } } + $display.= $smarty->fetch(get_template_path('faiHook.tpl', TRUE)); return($display); } diff --git a/plugins/admin/fai/class_faiHookEntry.inc b/plugins/admin/fai/class_faiHookEntry.inc index ced60480d..79e35c86e 100644 --- a/plugins/admin/fai/class_faiHookEntry.inc +++ b/plugins/admin/fai/class_faiHookEntry.inc @@ -56,10 +56,18 @@ class faiHookEntry extends plugin } } + /* Magic quotes GPC, escapes every ' " \, to solve some security risks + * If we post the escaped strings they will be escaped again + */ foreach($this->attributes as $attrs){ - $smarty->assign($attrs,stripslashes($this->$attrs)); + if(get_magic_quotes_gpc()){ + $smarty->assign($attrs,stripslashes($this->$attrs)); + }else{ + $smarty->assign($attrs,($this->$attrs)); + } } + for($i =1 ; $i <= 100 ; $i++){ $Object_FAIprioritys[$i]=$i; } diff --git a/plugins/admin/fai/class_faiVariable.inc b/plugins/admin/fai/class_faiVariable.inc index d14d7d846..d2e74c469 100644 --- a/plugins/admin/fai/class_faiVariable.inc +++ b/plugins/admin/fai/class_faiVariable.inc @@ -144,11 +144,19 @@ class faiVariable extends plugin $smarty->assign("SubObjects",$this->getList()); $smarty->assign("SubObjectKeys",array_flip($this->getList())); - /* Assign variables */ + + /* Magic quotes GPC, escapes every ' " \, to solve some security risks + * If we post the escaped strings they will be escaped again + */ foreach($this->attributes as $attrs){ - $smarty->assign($attrs,$this->$attrs); + if(get_magic_quotes_gpc()){ + $smarty->assign($attrs,stripslashes($this->$attrs)); + }else{ + $smarty->assign($attrs,($this->$attrs)); + } } + $display.= $smarty->fetch(get_template_path('faiVariable.tpl', TRUE)); return($display); } diff --git a/plugins/admin/fai/class_faiVariableEntry.inc b/plugins/admin/fai/class_faiVariableEntry.inc index e972c420d..44780047c 100644 --- a/plugins/admin/fai/class_faiVariableEntry.inc +++ b/plugins/admin/fai/class_faiVariableEntry.inc @@ -41,8 +41,15 @@ class faiVariableEntry extends plugin $smarty = get_smarty(); $display = ""; + /* Magic quotes GPC, escapes every ' " \, to solve some security risks + * If we post the escaped strings they will be escaped again + */ foreach($this->attributes as $attrs){ - $smarty->assign($attrs,stripslashes($this->$attrs)); + if(get_magic_quotes_gpc()){ + $smarty->assign($attrs,stripslashes($this->$attrs)); + }else{ + $smarty->assign($attrs,($this->$attrs)); + } } for($i =1 ; $i <= 100 ; $i++){