diff options
author | CiaranG <ciaran@ciarang.com> | 2008-09-04 02:55:04 -0400 |
---|---|---|
committer | CiaranG <ciaran@ciarang.com> | 2008-09-04 02:55:04 -0400 |
commit | fff677e6c45f259d4dcc3c4985f71f420060042b (patch) | |
tree | b429c77afba439b4d99390746e8187710c29c6d8 | |
parent | 4d1528734d840e2da0d9b24c18d739cd6d70853e (diff) |
Resolve remote subscribe and omb problems with quotes (Tickets #604 and #567)
darcs-hash:20080904065504-f6e2c-f0c770f52624e7151a93f2ed2b8813657ca88c14.gz
-rw-r--r-- | actions/accesstoken.php | 1 | ||||
-rw-r--r-- | actions/finishremotesubscribe.php | 4 | ||||
-rw-r--r-- | actions/postnotice.php | 1 | ||||
-rw-r--r-- | actions/requesttoken.php | 1 | ||||
-rw-r--r-- | actions/updateprofile.php | 1 | ||||
-rw-r--r-- | actions/userauthorization.php | 1 | ||||
-rw-r--r-- | lib/util.php | 9 |
7 files changed, 17 insertions, 1 deletions
diff --git a/actions/accesstoken.php b/actions/accesstoken.php index 80c4477d0..4907749ce 100644 --- a/actions/accesstoken.php +++ b/actions/accesstoken.php @@ -26,6 +26,7 @@ class AccesstokenAction extends Action { parent::handle($args); try { common_debug('getting request from env variables', __FILE__); + common_remove_magic_from_request(); $req = OAuthRequest::from_request(); common_debug('getting a server', __FILE__); $server = omb_oauth_server(); diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index c9bdf26da..80c259c3d 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -41,6 +41,8 @@ class FinishremotesubscribeAction extends Action { common_debug('stored request: '.print_r($omb,true), __FILE__); + + commom_remove_magic_from_request(); $req = OAuthRequest::from_request(); $token = $req->get_parameter('oauth_token'); @@ -248,4 +250,4 @@ class FinishremotesubscribeAction extends Action { return array($return['oauth_token'], $return['oauth_token_secret']); } -}
\ No newline at end of file +} diff --git a/actions/postnotice.php b/actions/postnotice.php index a04fca20a..c1a5e0d5b 100644 --- a/actions/postnotice.php +++ b/actions/postnotice.php @@ -25,6 +25,7 @@ class PostnoticeAction extends Action { function handle($args) { parent::handle($args); try { + common_remove_magic_from_request(); $req = OAuthRequest::from_request(); # Note: server-to-server function! $server = omb_oauth_server(); diff --git a/actions/requesttoken.php b/actions/requesttoken.php index 4a2321532..76019a929 100644 --- a/actions/requesttoken.php +++ b/actions/requesttoken.php @@ -30,6 +30,7 @@ class RequesttokenAction extends Action { function handle($args) { parent::handle($args); try { + common_remove_magic_from_request(); $req = OAuthRequest::from_request(); $server = omb_oauth_server(); $token = $server->fetch_request_token($req); diff --git a/actions/updateprofile.php b/actions/updateprofile.php index 7e604f6b1..921e88e63 100644 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@ -26,6 +26,7 @@ class UpdateprofileAction extends Action { function handle($args) { parent::handle($args); try { + common_remove_magic_from_request(); $req = OAuthRequest::from_request(); # Note: server-to-server function! $server = omb_oauth_server(); diff --git a/actions/userauthorization.php b/actions/userauthorization.php index 620811398..111b54085 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -350,6 +350,7 @@ class UserauthorizationAction extends Action { } function get_new_request() { + common_remove_magic_from_request(); $req = OAuthRequest::from_request(); return $req; } diff --git a/lib/util.php b/lib/util.php index 153009212..df64e74be 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1424,6 +1424,15 @@ function common_copy_args($from) { return $to; } +// Neutralise the evil effects of magic_quotes_gpc in the current request. +// This is used before handing a request off to OAuthRequest::from_request. +function common_remove_magic_from_request() { + if(get_magic_quotes_gpc()) { + $_POST=array_map('stripslashes',$_POST); + $_GET=array_map('stripslashes',$_GET); + } +} + function common_user_uri(&$user) { return common_local_url('userbyid', array('id' => $user->id)); } |