$_POST = $GLOBALS['_POST'];
} // END - if
-// Include IP-Filter here
-//include("/usr/share/php/ipfilter.php");
-
// Generate arrays which holds the relevante chars to replace
$GLOBALS['security_chars'] = array(
// The chars we are looking for...
- 'from' => array('{', '}', '/', '.', "'", '$', '(', ')', '{--', '--}', '{?', '?}', '%', ';', '[', ']', ':', '--'),
+ 'from' => array('/', '.', "'", '$', '(', ')', '{--', '--}', '{?', '?}', '%', ';', '[', ']', ':', '--'),
// ... and we will replace to.
'to' => array(
- '{OPEN_ANCHOR2}',
- '{CLOSE_ANCHOR2}',
'{SLASH}',
'{DOT}',
'{QUOT}',
// Compile it
//* DEBUG: */ debugOutput('<pre>'.encodeEntities($code).'</pre>');
$eval = '$newContent = "' . str_replace('{DQUOTE}', '"', compileCode(escapeQuotes($code))) . '";';
- //* DEBUG: */ if (
$insertComments) die('<pre>'.linenumberCode($eval).'</pre>');
+ //* DEBUG: */ if (
!$insertComments) print('<pre>'.linenumberCode($eval).'</pre>');
eval($eval);
//* DEBUG: */ die('<pre>'.encodeEntities($newContent).'</pre>');
// Escape all (including null)
$str = addslashes($str);
} else {
+ // Remove escaping of single quotes
+ $str = str_replace("\'", "'", $str);
+
// Escape only double-quotes but prevent double-quoting
$str = str_replace("\\\\", "\\", str_replace('"', "\\\"", $str));
}
projects / mailer.git / commitdiff