addslashes() did escape also single quotes (') which breaks some banner rotation...

diff --git a/inc/classes/cachesystem.class.php b/inc/classes/cachesystem.class.php
index 7a068539c6ed220f940bbf2a6d51b3a22da44b94..665d39f6ce2971f565e5c64a68a1f0e7d3a7492e 100644 (file)
--- a/inc/classes/cachesystem.class.php
+++ b/inc/classes/cachesystem.class.php
@@ -475,7 +475,7 @@ class CacheSystem {
                // String or non-string? ;-)
                if (is_string($value)) {
                        // String...
-                       $line = '$this->' . $prefix . "['".$this->name."']['" . $key . "']" . $extender . " = '" . addslashes($value) . "';\n";
+                       $line = '$this->' . $prefix . "['".$this->name."']['" . $key . "']" . $extender . " = '" . escapeQuotes($value) . "';\n";
                } elseif (is_null($value)) {
                        // Null
                        $line = '$this->' . $prefix . "['".$this->name."']['" . $key . "']" . $extender . " = null;\n";

diff --git a/inc/config-functions.php b/inc/config-functions.php
index 694a53eb639071f9f1010524ff658d073c899fa4..609e5c06f99554ad00c053025229ed6c821f5d39 100644 (file)
--- a/inc/config-functions.php
+++ b/inc/config-functions.php
@@ -201,7 +201,7 @@ function updateOldConfigFile () {
                        // Is the line found?
                        if ((substr($line, 0, strlen($old)) == $old) && (!isset($done[$old]))) {
                                // Entry found!
-                               //* DEBUG: */ outputHtml(htmlentities($line) . " - FOUND!<br />");
+                               //* DEBUG: */ outputHtml(secureString($line) . " - FOUND!<br />");
 
                                // Eval the line...
                                eval($line);
@@ -259,7 +259,7 @@ function updateOldConfigFile () {
                        }
 
                        // Debug output only
-                       //* DEBUG: */ outputHtml(htmlentities($line) . " - MySQL!<br />");
+                       //* DEBUG: */ outputHtml(secureString($line) . " - MySQL!<br />");
 
                        // Split parts so we can check them and prepare them
                        $parts = explode('=>', $line);

diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php
index 8c20de47cf773f49493b16cb10013935ec27f249..1c96788f119476f58d7db9bbd08d69f46e1018dc 100644 (file)
--- a/inc/db/lib-mysql3.php
+++ b/inc/db/lib-mysql3.php
@@ -313,8 +313,8 @@ function SQL_ESCAPE ($str, $secureString=true, $strip=true) {
                } // END - if
 
                if (!SQL_IS_LINK_UP()) {
-                       // Fall-back to addslashes() when there is no link
-                       $ret = addslashes($str);
+                       // Fall-back to escapeQuotes() when there is no link
+                       $ret = escapeQuotes($str);
                } elseif (function_exists('mysql_real_escape_string')) {
                        // The new and improved version
                        //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str='.$str);
@@ -323,8 +323,8 @@ function SQL_ESCAPE ($str, $secureString=true, $strip=true) {
                        // The obsolete function
                        $ret = mysql_escape_string($str, SQL_GET_LINK());
                } else {
-                       // If nothing else works, fall back to addslashes() again
-                       $ret = addslashes($str);
+                       // If nothing else works, fall back to escapeQuotes() again
+                       $ret = escapeQuotes($str);
                }
 
                // Cache result

diff --git a/inc/filters.php b/inc/filters.php
index d18c91e74191d8a4fa2e264f7635c50fb8bcdab4..90478a949f36383aa99488d420c6249a4b4d63d2 100644 (file)
--- a/inc/filters.php
+++ b/inc/filters.php
@@ -423,7 +423,7 @@ function FILTER_COMPILE_CONFIG ($code, $compiled = false) {
 
                                // Use this for replacing
                                $code = str_replace($match, $GLOBALS['compile_config'][$matches[1][$key]], $code);
-                               //* DEBUG: */ if (($match == '{?URL?}') && (strlen($code) > 10000)) die('<pre>'.htmlentities($code).'</pre>');
+                               //* DEBUG: */ if (($match == '{?URL?}') && (strlen($code) > 10000)) die('<pre>'.secureString($code).'</pre>');
                        } // END - foreach
                } // END - if
 
@@ -473,7 +473,7 @@ function FILTER_COMPILE_EXTENSION ($code) {
        } // END - if
 
        // Return compiled code
-       //* DEBUG: */ die('<pre>'.htmlentities($code).'</pre>');
+       //* DEBUG: */ die('<pre>'.secureString($code).'</pre>');
        return $code;
 }
 

diff --git a/inc/functions.php b/inc/functions.php
index c68f9cb293ddd99be3a2435097d0a82d347cd4a4..0d11b7f068a7c2b06f0409adfcabe0e0710e16aa 100644 (file)
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -163,7 +163,7 @@ function compileFinalOutput () {
                $newContent = '';
 
                // Compile it
-               $eval = "\$newContent = \"".compileCode(addslashes($GLOBALS['output']))."\";";
+               $eval = "\$newContent = \"".compileCode(escapeQuotes($GLOBALS['output']))."\";";
                eval($eval);
 
                // Was that eval okay?
@@ -204,7 +204,7 @@ function getFatalArray () {
 }
 
 // Add a fatal error message to the queue array
-function addFatalMessage ($F, $L, $message, $extra='') {
+function addFatalMessage ($F, $L, $message, $extra = '') {
        if (is_array($extra)) {
                // Multiple extras for a message with masks
                $message = call_user_func_array('sprintf', $extra);
@@ -218,7 +218,7 @@ function addFatalMessage ($F, $L, $message, $extra='') {
 
        // Log fatal messages away
        debug_report_bug($message);
-       logDebugMessage($F, $L, " message={$message}");
+       logDebugMessage($F, $L, 'Fatal error message: ' . $message);
 }
 
 // Getter for total fatal message count
@@ -237,7 +237,7 @@ function getTotalFatalErrors () {
 }
 
 // Load a template file and return it's content (only it's name; do not use ' or ")
-function loadTemplate ($template, $return=false, $content=array()) {
+function loadTemplate ($template, $return = false, $content = array()) {
        // @TODO Remove this sanity-check if all is fine
        if (!is_bool($return)) debug_report_bug('return is not bool (' . gettype($return) . ')');
 
@@ -255,73 +255,18 @@ function loadTemplate ($template, $return=false, $content=array()) {
                // Make all template names lowercase
                $template = strtolower($template);
 
-               // Count the template load
-               incrementConfigEntry('num_templates');
-
                // Init some data
                $ret = '';
                if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = '0';
 
                // Base directory
                $basePath = sprintf("%stemplates/%s/html/", getConfig('PATH'), getLanguage());
-               $mode = '';
-
-               // Check for admin/guest/member templates
-               if (substr($template, 0, 6) == 'admin_') {
-                       // Admin template found
-                       $mode = 'admin/';
-               } elseif (substr($template, 0, 6) == 'guest_') {
-                       // Guest template found
-                       $mode = 'guest/';
-               } elseif (substr($template, 0, 7) == 'member_') {
-                       // Member template found
-                       $mode = 'member/';
-               } elseif (substr($template, 0, 8) == 'install_') {
-                       // Installation template found
-                       $mode = 'install/';
-               } elseif (substr($template, 0, 4) == 'ext_') {
-                       // Extension template found
-                       $mode = 'ext/';
-               } elseif (substr($template, 0, 3) == 'la_') {
-                       // 'Logical-area' template found
-                       $mode = 'la/';
-               } elseif (substr($template, 0, 3) == 'js_') {
-                       // JavaScript template found
-                       $mode = 'js/';
-               } elseif (substr($template, 0, 5) == 'menu_') {
-                       // Menu template found
-                       $mode = 'menu/';
-               } else {
-                       // Test for extension
-                       $test = substr($template, 0, strpos($template, '_'));
-
-                       // Probe for valid extension name
-                       if (isExtensionNameValid($test)) {
-                               // Set extra path to extension's name
-                               $mode = $test . '/';
-                       } // END - if
-               }
+               $extraPath = detectExtraTemplatePath($template);;
 
                ////////////////////////
                // Generate file name //
                ////////////////////////
-               $FQFN = $basePath . $mode . $template . '.tpl';
-
-               if ((isWhatSet()) && ((strpos($template, '_header') > 0) || (strpos($template, '_footer') > 0)) && (($mode == 'guest/') || ($mode == 'member/') || ($mode == 'admin/'))) {
-                       // Select what depended header/footer template file for admin/guest/member area
-                       $file2 = sprintf("%s%s%s_%s.tpl",
-                               $basePath,
-                               $mode,
-                               $template,
-                               getWhat()
-                       );
-
-                       // Probe for it...
-                       if (isFileReadable($file2)) $FQFN = $file2;
-
-                       // Remove variable from memory
-                       unset($file2);
-               } // END - if
+               $FQFN = $basePath . $extraPath . $template . '.tpl';
 
                // Does the special template exists?
                if (!isFileReadable($FQFN)) {
@@ -331,6 +276,9 @@ function loadTemplate ($template, $return=false, $content=array()) {
 
                // Now does the final template exists?
                if (isFileReadable($FQFN)) {
+                       // Count the template load
+                       incrementConfigEntry('num_templates');
+
                        // The local file does exists so we load it. :)
                        $GLOBALS['tpl_content'] = readFromFile($FQFN);
 
@@ -343,18 +291,18 @@ function loadTemplate ($template, $return=false, $content=array()) {
                                        $ret = "<!-- Template " . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . "<!-- Template " . $template . " - End -->\n";
 
                                        // Prepare eval() command
-                                       $eval = '$ret = "' . compileCode(addslashes($ret)) . '";';
+                                       $eval = '$ret = "' . compileCode(escapeQuotes($ret)) . '";';
                                } elseif (substr($template, 0, 3) == 'js_') {
                                        // JavaScripts don't like entities and timings
-                                       $eval = '$ret = decodeEntities("' . compileRawCode(addslashes($GLOBALS['tpl_content'])) . '");';
+                                       $eval = '$ret = decodeEntities("' . compileRawCode(escapeQuotes($GLOBALS['tpl_content'])) . '");';
                                } else {
                                        // Prepare eval() command
-                                       $eval = '$ret = "' . compileCode(addslashes($GLOBALS['tpl_content'])) . '";';
+                                       $eval = '$ret = "' . compileCode(escapeQuotes($GLOBALS['tpl_content'])) . '";';
                                }
                        } else {
                                // Add surrounding HTML comments to help finding bugs faster
                                $ret = "<!-- Template " . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . "<!-- Template " . $template . " - End -->\n";
-                               $eval = '$ret = "' . addslashes($ret) . '";';
+                               $eval = '$ret = "' . escapeQuotes($ret) . '";';
                        } // END - if
 
                        // Cache the eval() command here
@@ -397,6 +345,51 @@ function loadTemplate ($template, $return=false, $content=array()) {
        }
 }
 
+// Detects the extra template path from given template name
+function detectExtraTemplatePath ($template) {
+       // Default is empty
+       $extraPath = '';
+
+       // Check for admin/guest/member templates
+       if (substr($template, 0, 6) == 'admin_') {
+               // Admin template found
+               $extraPath = 'admin/';
+       } elseif (substr($template, 0, 6) == 'guest_') {
+               // Guest template found
+               $extraPath = 'guest/';
+       } elseif (substr($template, 0, 7) == 'member_') {
+               // Member template found
+               $extraPath = 'member/';
+       } elseif (substr($template, 0, 8) == 'install_') {
+               // Installation template found
+               $extraPath = 'install/';
+       } elseif (substr($template, 0, 4) == 'ext_') {
+               // Extension template found
+               $extraPath = 'ext/';
+       } elseif (substr($template, 0, 3) == 'la_') {
+               // 'Logical-area' template found
+               $extraPath = 'la/';
+       } elseif (substr($template, 0, 3) == 'js_') {
+               // JavaScript template found
+               $extraPath = 'js/';
+       } elseif (substr($template, 0, 5) == 'menu_') {
+               // Menu template found
+               $extraPath = 'menu/';
+       } else {
+               // Test for extension
+               $test = substr($template, 0, strpos($template, '_'));
+
+               // Probe for valid extension name
+               if (isExtensionNameValid($test)) {
+                       // Set extra path to extension's name
+                       $extraPath = $test . '/';
+               } // END - if
+       }
+
+       // Return result
+       return $extraPath;
+}
+
 // Loads an email template and compiles it
 function loadEmailTemplate ($template, $content = array(), $UID = '0') {
        global $DATA;
@@ -471,37 +464,22 @@ function loadEmailTemplate ($template, $content = array(), $UID = '0') {
        if (isset($content['email'])) $email = $content['email'];
 
        // Store email for some functions in global data array
+       // @TODO Do only use $contentn, not $DATA or raw variables
        $DATA['email'] = $email;
 
        // Base directory
        $basePath = sprintf("%stemplates/%s/emails/", getConfig('PATH'), getLanguage());
 
-       // Check for admin/guest/member templates
-       if (substr($template, 0, 6) == 'admin_') {
-               // Admin template found
-               $FQFN = $basePath.'admin/' . $template.'.tpl';
-       } elseif (substr($template, 0, 6) == 'guest_') {
-               // Guest template found
-               $FQFN = $basePath.'guest/' . $template.'.tpl';
-       } elseif (substr($template, 0, 7) == 'member_') {
-               // Member template found
-               $FQFN = $basePath.'member/' . $template.'.tpl';
-       } else {
-               // Test for extension
-               $test = substr($template, 0, strpos($template, '_'));
-               if (isExtensionNameValid($test)) {
-                       // Set extra path to extension's name
-                       $FQFN = $basePath . $test.'/' . $template.'.tpl';
-               } else {
-                       // No special filename
-                       $FQFN = $basePath . $template.'.tpl';
-               }
-       }
+       // Detect extra path
+       $extraPath = detectExtraTemplatePath($template);
+
+       // Generate full FQFN
+       $FQFN = $basePath . $extraPath . $template . '.tpl';
 
        // Does the special template exists?
        if (!isFileReadable($FQFN)) {
                // Reset to default template
-               $FQFN = $basePath . $template.'.tpl';
+               $FQFN = $basePath . $template . '.tpl';
        } // END - if
 
        // Now does the final template exists?
@@ -511,16 +489,16 @@ function loadEmailTemplate ($template, $content = array(), $UID = '0') {
                $GLOBALS['tpl_content'] = readFromFile($FQFN);
 
                // Run code
-               $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileRawCode(addslashes($GLOBALS['tpl_content']))."\");";
+               $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileRawCode(escapeQuotes($GLOBALS['tpl_content']))."\");";
                eval($GLOBALS['tpl_content']);
        } elseif (!empty($template)) {
                // Template file not found!
-               $newContent = "{--TEMPLATE_404--}: " . $template."<br />
+               $newContent = '{--TEMPLATE_404--}: ' . $template . '<br />
 {--TEMPLATE_CONTENT--}
-<pre>".print_r($content, true)."</pre>
+<pre>' . print_r($content, true) . '</pre>
 {--TEMPLATE_DATA--}
-<pre>".print_r($DATA, true)."</pre>
-<br /><br />";
+<pre>' . print_r($DATA, true) . '</pre>
+<br /><br />';
 
                // Debug mode not active? Then remove the HTML tags
                if (!isDebugModeEnabled()) $newContent = secureString($newContent);
@@ -533,6 +511,7 @@ function loadEmailTemplate ($template, $content = array(), $UID = '0') {
        if (empty($newContent)) {
                // Compiling failed
                $newContent = "Compiler error for template {$template}!\nUncompiled content:\n" . $GLOBALS['tpl_content'];
+
                // Add last error if the required function exists
                if (function_exists('error_get_last')) $newContent .= "\n--------------------------------------\nDebug:\n".print_r(error_get_last(), true)."--------------------------------------\nPlease don't alter these informations!\nThanx.";
        } // END - if
@@ -541,10 +520,6 @@ function loadEmailTemplate ($template, $content = array(), $UID = '0') {
        unset($content);
        unset($DATA);
 
-       // Compile the code and eval it
-       $eval = '$newContent = "' . compileRawCode(addslashes($newContent)) . '";';
-       eval($eval);
-
        // Return content
        return $newContent;
 }
@@ -554,7 +529,7 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = '
        //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):TO={$toEmail},SUBJECT={$subject}<br />");
 
        // Compile subject line (for POINTS constant etc.)
-       eval("\$subject = decodeEntities(\"".compileRawCode(addslashes($subject))."\");");
+       eval("\$subject = decodeEntities(\"".compileRawCode(escapeQuotes($subject))."\");");
 
        // Set from header
        if ((!eregi('@', $toEmail)) && ($toEmail > 0)) {
@@ -600,17 +575,17 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = '
        }
 
        // Compile "TO"
-       eval("\$toEmail = \"".compileRawCode(addslashes($toEmail))."\";");
+       eval("\$toEmail = \"".compileRawCode(escapeQuotes($toEmail))."\";");
 
        // Compile "MSG"
-       eval("\$message = \"".compileRawCode(addslashes($message))."\";");
+       eval("\$message = \"".compileRawCode(escapeQuotes($message))."\";");
 
        // Fix HTML parameter (default is no!)
        if (empty($isHtml)) $isHtml = 'N';
        if (isDebugModeEnabled()) {
                // In debug mode we want to display the mail instead of sending it away so we can debug this part
                outputHtml('<pre>
-Headers : ' . str_replace('<', '&lt', str_replace('>', '&gt;', htmlentities(trim($mailHeader)))) . '
+Headers : ' . str_replace('<', '&lt', str_replace('>', '&gt;', secureString(trim($mailHeader)))) . '
 To      : ' . $toEmail . '
 Subject : ' . $subject . '
 Message : ' . $message . '
@@ -1040,11 +1015,11 @@ function compileRawCode ($code, $simple = false, $constants = true, $full = true
                return $code;
        } // END - if
 
-       // Init replacement-array with full security characters
-       $secChars = $GLOBALS['security_chars'];
+       // Init replacement-array with smaller set of security characters
+       $secChars = $GLOBALS['url_chars'];
 
-       // Select smaller set of chars to replace when we e.g. want to compile URLs
-       if ($full === false) $secChars = $GLOBALS['url_chars'];
+       // Select full set of chars to replace when we e.g. want to compile URLs
+       if ($full === true) $secChars = $GLOBALS['security_chars'];
 
        // Compile more through a filter
        $code = runFilterChain('compile_code', $code);
@@ -1067,6 +1042,7 @@ function compileRawCode ($code, $simple = false, $constants = true, $full = true
        } // END - foreach
 
        // Find $content[bla][blub] entries
+       // @TODO Do only use $content and deprecate $GLOBALS and $DATA in templates
        preg_match_all('/\$(content|GLOBALS|DATA)((\[([a-zA-Z0-9-_]+)\])*)/', $code, $matches);
 
        // Are some matches found?
@@ -2344,9 +2320,9 @@ function getCurrentTheme () {
                if ((isGetRequestElementSet('theme')) && (isFileReadable($theme))) {
                        // Set cookie from URL data
                        setTheme(getRequestElement('theme'));
-               } elseif (isFileReadable(sprintf("%stheme/%s/theme.php", getConfig('PATH'), SQL_ESCAPE(postRequestElement('theme'))))) {
+               } elseif (isFileReadable(sprintf("%stheme/%s/theme.php", getConfig('PATH'), secureString(postRequestElement('theme'))))) {
                        // Set cookie from posted data
-                       setTheme(SQL_ESCAPE(postRequestElement('theme')));
+                       setTheme(secureString(postRequestElement('theme')));
                }
 
                // Set return value
@@ -3589,7 +3565,7 @@ function linenumberCode ($code)    {
                $r .= '</span>|';
 
                // Add code
-               $r .= '<span class="linetext">' . htmlentities($c) . '</span></div>';
+               $r .= '<span class="linetext">' . secureString($c) . '</span></div>';
        }
 
        return '<div class="code">' . $r . '</div>';
@@ -3701,6 +3677,21 @@ function readTemplateCache ($template) {
        return $GLOBALS['template_eval'][$template];
 }
 
+// Escapes quotes (default is only double-quotes)
+function escapeQuotes ($str, $single = false) {
+       // Should we escape all?
+       if ($single === true) {
+               // Escape all (including null)
+               $str = addslashes($str);
+       } else {
+               // Escape only double-quotes
+               $str = str_replace('"', "\\\"", $str);
+       }
+
+       // Return the escaped string
+       return $str;
+}
+
 //////////////////////////////////////////////////
 // AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
 //////////////////////////////////////////////////

diff --git a/inc/language-functions.php b/inc/language-functions.php
index cb1f925dbcb9a016f1cbd89d9f164312573bef82..479848e75c1782dbc00fe61e309d0d86b116dcc2 100644 (file)
--- a/inc/language-functions.php
+++ b/inc/language-functions.php
@@ -122,8 +122,8 @@ function getLanguage () {
 
 // "Setter" for language
 function setLanguage ($lang) {
-       // Accept only first 2 chars!
-       $lang = substr(SQL_ESCAPE(secureString($lang)), 0, 2);
+       // Accept only first 2 chars and still secure them
+       $lang = substr(secureString($lang), 0, 2);
 
        // Set cookie
        setSession('mx_lang', $lang);

diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php
index ed45da64a1bd0243017938599ffad490b712b6e7..a750428dedf22ae9f5e949c23f90302e4f5a6a75 100644 (file)
--- a/inc/libs/admins_functions.php
+++ b/inc/libs/admins_functions.php
@@ -170,7 +170,7 @@ function adminsChangeAdminAccount ($postData) {
                        $hash = generateHash($postData['pass1'][$id]);
 
                        // Save password when set
-                       if (!empty($postData['pass1'][$id])) $add = sprintf(", password='%s'", SQL_ESCAPE($hash));
+                       if (!empty($postData['pass1'][$id])) $add = sprintf(", `password`='%s'", SQL_ESCAPE($hash));
 
                        // Get admin's id
                        $adminId = getCurrentAdminId();

diff --git a/inc/libs/sponsor_functions.php b/inc/libs/sponsor_functions.php
index e1ee608916770ba0303e98025d3b187d3829016b..3a88f132879df5ab3077b8113649536fccdda662 100644 (file)
--- a/inc/libs/sponsor_functions.php
+++ b/inc/libs/sponsor_functions.php
@@ -176,7 +176,7 @@ function handlSponsorRequest (&$postData, $update=false, $messageArray=array(),
                                foreach ($postData as $k => $v) {
                                        // Do not add 'force' !
                                        if ($k != 'force') {
-                                               $OUT .= "<input type=\"hidden\" name=\"" . SQL_ESCAPE($k) . "\" value=\"" . SQL_ESCAPE($v) . "\" />\n";
+                                               $OUT .= "<input type=\"hidden\" name=\"" . secureString($k) . "\" value=\"" . SQL_ESCAPE($v) . "\" />\n";
                                        } // END - if
                                } // END - foreach
 

diff --git a/inc/libs/surfbar_functions.php b/inc/libs/surfbar_functions.php
index d87130fee37f06366ae64891ac42f807c8aa36ea..d550d625e26f675c15d3000db8731e740a73f7cc 100644 (file)
--- a/inc/libs/surfbar_functions.php
+++ b/inc/libs/surfbar_functions.php
@@ -235,7 +235,7 @@ function SURFBAR_MEMBER_DO_FORM ($formData, $URLs) {
        }
 
        // Secure action
-       $action = SQL_ESCAPE(secureString($formData['action']));
+       $action = secureString($formData['action']);
 
        // Has it changed?
        if ($action != $formData['action']) {

diff --git a/inc/libs/theme_functions.php b/inc/libs/theme_functions.php
index 64dbda3d65b4058763a5f26b5be92403f0e144e2..e53451b33b9bb211df4c20a7037f50cd3990aa0e 100644 (file)
--- a/inc/libs/theme_functions.php
+++ b/inc/libs/theme_functions.php
@@ -72,7 +72,7 @@ function generateThemeSelectionBox () {
        // Load all themes
        while ($content = SQL_FETCHARRAY($result)) {
                // Construct relative include file name
-               $inc = sprintf("theme/%s/theme.php", SQL_ESCAPE($content['theme_path']));
+               $inc = sprintf("theme/%s/theme.php", secureString($content['theme_path']));
 
                // Load it's theme.php file if found
                if (isIncludeReadable($inc)) {

diff --git a/inc/libs/wernis_functions.php b/inc/libs/wernis_functions.php
index 468a0db29c80989611c960d0a4fdfa32ac67c931..acc613dd53752f644234e40a95430f286543ba6c 100644 (file)
--- a/inc/libs/wernis_functions.php
+++ b/inc/libs/wernis_functions.php
@@ -126,7 +126,7 @@ function WERNIS_SEND_REQUEST ($scriptName, $requestData =  array()) {
                // Something badly happened on server-side
                return array(
                        'status'  => 'request_problem',
-                       'message' => sprintf(getMessage('WERNIS_API_REQUEST_PROBLEM'), $response[0], htmlentities($responseLine))
+                       'message' => sprintf(getMessage('WERNIS_API_REQUEST_PROBLEM'), $response[0], secureString($responseLine))
                );
        } // END - if
 

diff --git a/inc/modules/admin.php b/inc/modules/admin.php
index b9b59ece5f405ce696c877bf469619881f8cb448..78705e7aff8562e47fdd978185396ff6439b3a49 100644 (file)
--- a/inc/modules/admin.php
+++ b/inc/modules/admin.php
@@ -163,8 +163,8 @@ if (!isAdminRegistered()) {
                if ($valid === true) {
                        // Prepare content first
                        $content = array(
-                               'hash'  => SQL_ESCAPE(postRequestElement('hash')),
-                               'login' => SQL_ESCAPE(postRequestElement('login'))
+                               'hash'  => secureString(postRequestElement('hash')),
+                               'login' => secureString(postRequestElement('login'))
                        );
 
                        // Validation okay so display form for final password change

diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index cc9b9aedcab6bec531ef0606903b2ee46d9cbb70..2a3f33ac876c4e5cf0460eabe018f32ee98ad01a 100644 (file)
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -2222,7 +2222,7 @@ function reduceRecipientReceivedMails ($column, $id, $count) {
 function createNewTask ($subject, $notes, $taskType, $userid = '0', $adminId = '0', $strip = true) {
        // Insert the task data into the database
        SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_task_system` (`assigned_admin`, `userid`, `status`, `task_type`, `subject`, `text`, `task_created`) VALUES (%s,%s,'NEW','%s','%s','%s', UNIX_TIMESTAMP())",
-               array($adminId, $userid, $taskType, $subject, addslashes($notes)), __FUNCTION__, __LINE__, true, $strip);
+               array($adminId, $userid, $taskType, $subject, escapeQuotes($notes)), __FUNCTION__, __LINE__, true, $strip);
 }
 
 // Updates last module / online time

diff --git a/inc/session-functions.php b/inc/session-functions.php
index ce329769dce456e9cbb588edd375e40fe40398bd..18ed9d0661030917ccd72b7da05a747530b02244 100644 (file)
--- a/inc/session-functions.php
+++ b/inc/session-functions.php
@@ -47,7 +47,7 @@ function setSession ($var, $value) {
        if (getOutputMode() == 1) return true;
 
        // Trim value and session variable
-       $var = trim(SQL_ESCAPE($var)); $value = trim($value);
+       $var = trim(secureString($var)); $value = trim($value);
 
        // Is the session variable set?
        if (('' . $value . '' == '') && (isSessionVariableSet($var))) {

diff --git a/inc/stylesheet.php b/inc/stylesheet.php
index d311ef3d29bdfe42698731562a3589f88cdd7147..6e4ac65e7f71d626c6f6bfc0dccce85615b1d8bc 100644 (file)
--- a/inc/stylesheet.php
+++ b/inc/stylesheet.php
@@ -111,7 +111,7 @@ if ((getOutputMode() == 1) || (getConfig('css_php') == 'DIRECT')) {
                // Default theme first
                $newTheme = 'default';
                if (isGetRequestElementSet('theme'))  $newTheme = getRequestElement('theme');
-               if (isPostRequestElementSet('theme')) $newTheme = SQL_ESCAPE(postRequestElement('theme'));
+               if (isPostRequestElementSet('theme')) $newTheme = secureString(postRequestElement('theme'));
                outputHtml('?theme=' . $newTheme . '&installing=1', false);
        } else {
                // Add SVN revision to bypass caching problems