More EL code, security for $_POST elements rewritten (simplified):

[mailer.git] / inc / libs / security_functions.php

diff --git a/inc/libs/security_functions.php b/inc/libs/security_functions.php
index 2b41ab968c41922a2c72966aba5193602ea8d7f6..df3d5686b041a2c92d12329778be45f75d188291 100644 (file)
--- a/inc/libs/security_functions.php
+++ b/inc/libs/security_functions.php
@@ -212,6 +212,18 @@ if (is_array($_GET)) {
        } // END - foreach
 } // END - if
 
+// Secure also $_POST data (only simple, no replace)
+if (is_array($_POST)) {
+       // Secure only simple data
+       foreach ($_POST as $seckey => $secvalue) {
+               // Is it an array?
+               if (!is_array($secvalue)) {
+                       // Strip all other out
+                       $_POST[$seckey] = secureString($_POST[$seckey]);
+               } // END - if
+       } // END - foreach
+} // END - if
+
 // Detect PHP caching
 detectPhpCaching();