From 4a80c35557730641344703a5eceb7c7e620a2069 Mon Sep 17 00:00:00 2001 From: Benjamin Renard Date: Thu, 3 May 2012 14:42:58 +0200 Subject: [PATCH] Added urldecode() of parameters in request and urlendode() of parameters in links's URL --- public_html/remove.php | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/public_html/remove.php b/public_html/remove.php index caf9c105..bea77129 100644 --- a/public_html/remove.php +++ b/public_html/remove.php @@ -25,17 +25,19 @@ require_once 'core.php'; if(LSsession :: startLSsession()) { if ((isset($_GET['LSobject'])) && (isset($_GET['dn']))) { + $LSobject=urldecode($_GET['LSobject']); + $dn=urldecode($_GET['dn']); - if (LSsession ::loadLSobject($_GET['LSobject'])) { - if ( LSsession :: canRemove($_GET['LSobject'],$_GET['dn']) ) { - $object = new $_GET['LSobject'](); - if ($object -> loadData($_GET['dn'])) { + if (LSsession ::loadLSobject($LSobject)) { + if ( LSsession :: canRemove($LSobject,$dn) ) { + $object = new $LSobject(); + if ($object -> loadData($dn)) { if (isset($_GET['valid'])) { $objectname=$object -> getDisplayName(); $GLOBALS['Smarty'] -> assign('pagetitle',_('Deleting').' : '.$objectname); if ($object -> remove()) { LSsession :: addInfo($objectname.' '._('has been deleted successfully').'.'); - LSsession :: redirect('view.php?LSobject='.$_GET['LSobject'].'&refresh'); + LSsession :: redirect('view.php?LSobject='.$LSobject.'&refresh'); } else { LSerror :: addErrorCode('LSldapObject_15',$objectname); @@ -45,7 +47,7 @@ if(LSsession :: startLSsession()) { // Définition du Titre de la page $GLOBALS['Smarty'] -> assign('pagetitle',_('Deleting').' : '.$object -> getDisplayName()); $GLOBALS['Smarty'] -> assign('question',_('Do you really want to delete').' '.$object -> getDisplayName().' ?'); - $GLOBALS['Smarty'] -> assign('validation_url','remove.php?LSobject='.$_GET['LSobject'].'&dn='.$_GET['dn'].'&valid'); + $GLOBALS['Smarty'] -> assign('validation_url','remove.php?LSobject='.$LSobject.'&dn='.urlencode($dn).'&valid'); $GLOBALS['Smarty'] -> assign('validation_label',_('Validate')); } LSsession :: setTemplate('question.tpl');