Security Fixes, Mainly
This commit is contained in:
+6
-1
@@ -1,4 +1,9 @@
|
||||
<?php
|
||||
|
||||
/* Prevent XSS input */
|
||||
$_GET = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING);
|
||||
$_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
|
||||
|
||||
$sys_timezone = "";
|
||||
// If we can get the timezome from the systems timezone file ust that
|
||||
if (file_exists('/etc/timezone')) {
|
||||
@@ -99,4 +104,4 @@ echo "
|
||||
<iframe src=\"/views.php\"></iframe>
|
||||
</div>";
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
+7
-2
@@ -1,4 +1,9 @@
|
||||
<?php
|
||||
|
||||
/* Prevent XSS input */
|
||||
$_GET = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING);
|
||||
$_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
|
||||
|
||||
$sys_timezone = "";
|
||||
// If we can get the timezome from the systems timezone file ust that
|
||||
if (file_exists('/etc/timezone')) {
|
||||
@@ -73,7 +78,7 @@ body::-webkit-scrollbar {
|
||||
<button type="submit" name="view" value="Overview" form="views">Overview</button>
|
||||
</form>
|
||||
<form action="" method="GET" id="views">
|
||||
<button type="submit" name="view" value="Today's Detections" form="views">Today's Detections</button>
|
||||
<button type="submit" name="view" value="Todays Detections" form="views">Today's Detections</button>
|
||||
</form>
|
||||
<form action="" method="GET" id="views">
|
||||
<button type="submit" name="view" value="Spectrogram" form="views">Spectrogram</button>
|
||||
@@ -143,7 +148,7 @@ if(isset($_GET['view'])){
|
||||
if($_GET['view'] == "Spectrogram"){include('spectrogram.php');}
|
||||
if($_GET['view'] == "View Log"){echo "<body style=\"scroll:no;overflow-x:hidden;\"><iframe style=\"width:calc( 100% + 1em);\" src=\"/log\"></iframe></body>";}
|
||||
if($_GET['view'] == "Overview"){include('overview.php');}
|
||||
if($_GET['view'] == "Today's Detections"){include('todays_detections.php');}
|
||||
if($_GET['view'] == "Todays Detections"){include('todays_detections.php');}
|
||||
if($_GET['view'] == "Kiosk"){$kiosk = true;include('todays_detections.php');}
|
||||
if($_GET['view'] == "Species Stats"){include('stats.php');}
|
||||
if($_GET['view'] == "Weekly Report"){include('weekly_report.php');}
|
||||
|
||||
@@ -1,4 +1,9 @@
|
||||
<?php
|
||||
|
||||
/* Prevent XSS input */
|
||||
$_GET = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING);
|
||||
$_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
|
||||
|
||||
error_reporting(E_ALL);
|
||||
ini_set('display_errors',1);
|
||||
ini_set('display_startup_errors',1);
|
||||
|
||||
@@ -1,4 +1,9 @@
|
||||
<?php
|
||||
|
||||
/* Prevent XSS input */
|
||||
$_GET = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING);
|
||||
$_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
|
||||
|
||||
error_reporting(E_ERROR);
|
||||
ini_set('display_errors',1);
|
||||
|
||||
|
||||
@@ -1,4 +1,9 @@
|
||||
<?php
|
||||
|
||||
/* Prevent XSS input */
|
||||
$_GET = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING);
|
||||
$_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
|
||||
|
||||
ini_set('user_agent', 'PHP_Flickr/1.0');
|
||||
error_reporting(0);
|
||||
ini_set('display_errors', 0);
|
||||
|
||||
@@ -1,4 +1,9 @@
|
||||
<?php
|
||||
|
||||
/* Prevent XSS input */
|
||||
$_GET = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING);
|
||||
$_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
|
||||
|
||||
ini_set('session.gc_maxlifetime', 7200);
|
||||
ini_set('user_agent', 'PHP_Flickr/1.0');
|
||||
session_set_cookie_params(7200);
|
||||
|
||||
Reference in New Issue
Block a user