X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Flibs%2Fsecurity_functions.php;h=0f34c42e88959f46dccc8be10052ac5b49556668;hb=310ab1fd53100627fa054ea5579f283ed77bfaec;hp=d1ec3e990f5c2445e2d157f272015dec9d716987;hpb=963e55ca1ea79e255f235e359cde9f7862191dc5;p=mailer.git

diff --git a/inc/libs/security_functions.php b/inc/libs/security_functions.php
index d1ec3e990f..0f34c42e88 100644
--- a/inc/libs/security_functions.php
+++ b/inc/libs/security_functions.php
@@ -32,7 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (!defined('__SECURITY')) {
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
@@ -41,10 +41,17 @@ if (!defined('__SECURITY')) {
  * Function to secure input strings
  *
  * @param	$str	The unsecured string
+ * @param	$strip	Strip tags
  * @return	$str	A (hopefully) secured string against XSS and other bad things
  */
-function secureString ($str) {
-	$str = trim(strip_tags($str));
+function secureString ($str, $strip=true) {
+	// Shall we strip HTML code?
+	if ($strip) $str = strip_tags($str);
+
+	// Trim string
+	$str = trim($str);
+
+	// Encode in entities
 	$str = htmlentities($str, ENT_QUOTES);
 	return $str;
 }