Commit 0c61ce12fff23d39ae94810838877d71f88afc7f

Authored by Edmar Moretti
1 parent 47213e39

Sanitização de parâmetros em arquivos HTML gerados com PHP para evitar XSS

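--- a/init/index.php
+++ b/init/index.php
@@ -20,6 +20,7 @@ if (! empty ( $_GET ["customDir"] )) {
 } else if (empty ( $customDir )) {
 $customDir = "interface";
 }
+include_once (dirname(__FILE__)."/../classesphp/sani_request.php");
 if (! file_exists ( $dir_tmp )) {
 @mkdir ( $dir_tmp, 0744 );
 }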
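Review bot: The added `include_once` at new line 23 sits after the `$_GET ["customDir"]` branch named in the hunk header, so whatever cleaning sani_request.php applies to the request arrays (its contents are not visible here) presumably runs only after `$customDir` may already have been derived from the unsanitized value. Moving the include above that branch, directly after the configuration include as the permlinks/index.php section does, would close that gap. Because this file is the XSS control, I would also load it with `require_once (dirname(__FILE__)."/../classesphp/sani_request.php");` in all three sections, so that a missing or unreadable file stops the page instead of raising a warning and continuing without sanitization. The `if`/`else` block around `$customDir` starts outside the hunk.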
1 <?php 1 <?php
2 define ( ONDEI3GEO, ".." ); 2 define ( ONDEI3GEO, ".." );
3 include (dirname ( __FILE__ ) . "/../ms_configura.php"); 3 include (dirname ( __FILE__ ) . "/../ms_configura.php");
  4 +include_once (dirname(__FILE__)."/../classesphp/sani_request.php");
4 // pega a extensao geografica 5 // pega a extensao geografica
5 if ($ogcwsmap == "") { 6 if ($ogcwsmap == "") {
6 $ogcwsmap = $locaplic . "/aplicmap/ogcws.map"; 7 $ogcwsmap = $locaplic . "/aplicmap/ogcws.map";
permlinks/index.php
1 <?php 1 <?php
2 define ( ONDEI3GEO, ".." ); 2 define ( ONDEI3GEO, ".." );
3 include (dirname ( __FILE__ ) . "/../ms_configura.php"); 3 include (dirname ( __FILE__ ) . "/../ms_configura.php");
  4 +include_once (dirname(__FILE__)."/../classesphp/sani_request.php");
4 if (! empty ( $_GET ["customDir"] )) { 5 if (! empty ( $_GET ["customDir"] )) {
5 $customDir = strip_tags ( $_GET ["customDir"] ); 6 $customDir = strip_tags ( $_GET ["customDir"] );
6 } else if (empty ( $customDir )) { 7 } else if (empty ( $customDir )) {