|
05-14-2007, 07:09 AM | #1 |
Green Mole
Join Date: May 2007
Posts: 1
|
phpdigSessionRemove() fix
In 1.8.8 version, define('PHPDIG_SESSID_VAR','PHPSESSID,s,from');
do not cause "from=_test_" to be stripped from url, but only "from=", that's a bug. It's because '_' is not part of characters matched by ereg_replace() in phpdigSessionRemoveIt() defined in file robot_functions.php. $what is not escaped before being concatenated to regexp, this is another potential issue, especially if a variable name contains a dot. define(''PHPDIG_SESSID_VAR','PHPSESSID,d.c') will cause "doc=xxx' to be stripped for url. Matching & doesn't make sense to me (& should be escaped if found in value isn't it ?). I modified phpdigSessionRemoveIt() like this: Code:
function phpdigSessionRemoveIt($what,$eval) { $eval = preg_replace('/([?&])'.preg_quote(trim($what)).'=[^&]*/','$1',$eval); $eval = str_replace('&&','&',$eval); $eval = eregi_replace('[?][&]','?',$eval); $eval = eregi_replace('&$','',$eval); $eval = ereg_replace('[?]$','',$eval); // remove trailing question mark return $eval; } |
Thread Tools | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Fix timeouts at fgets() | jinkas | Mod Requests | 0 | 08-25-2004 03:02 PM |
links found : 0 -- Fix! | David_Hogan | Troubleshooting | 0 | 05-06-2004 07:00 AM |
Bug fix for pdftohtml | alivin70 | Mod Submissions | 0 | 02-25-2004 08:19 AM |
Regular Expression Fix | Charter | Mod Submissions | 0 | 12-03-2003 12:58 AM |
1.6.2 fix for logs table | Charter | Mod Submissions | 0 | 09-13-2003 02:49 PM |