Test $_GET['string'] before setting

Minor text adjustments
Only set the session var if we have no QS param
Fix str_replace on > chars
Delete unnecessary $configUsersTemplate line
Matt Pass
2014-06-27 08:38:35 +01:00
parent bc8d715a56
commit 8509a62f06


@@ -13,7 +13,7 @@ echo "<b>Test date, time & microtime:</b><br>".date("jS M Y g:i:sa")." (".microt
$success = 0;
echo '<b>TEST 1 of 3<br>PHP Version:</b></b><br>ICEcoder needs at least PHP 5.0, tho 5.3 and above is recommended:<br><br>';
echo '<b>TEST 1 of 3: PHP Version:</b></b><br>ICEcoder needs at least PHP 5.0, tho 5.3 and above is recommended:<br><br>';
echo "Your PHP Version: ".phpversion()."<br><br>";
echo '<b>TEST RESULT:</b> ';
@@ -28,9 +28,9 @@ echo "<br><br><hr><br>";
if(!isset($_SESSION)) {@session_start();}
echo '<b>TEST 2 of 3<br>Sessions:</b></b><br>These values should all be the same:<br><br>';
echo '<b>TEST 2 of 3: Sessions:</b></b><br>These values should all be the same:<br><br>';
echo '<div style="display: inline-block; width: 200px">SESSION, BEFORE SET:</div>'.$_SESSION["string"]."<br>";
if (!isset($_SESSION["string"])) {
if (!isset($_GET["string"])) {
$_SESSION["string"] = md5(uniqid(mt_rand(), true));
header("Location: test.php?string=".$_SESSION["string"]);
echo "<script>window.location = 'test.php?string=".$_SESSION["string"]."';</script>";
@@ -38,8 +38,8 @@ if (!isset($_SESSION["string"])) {
}
echo '<div style="display: inline-block; width: 200px">SESSION, AFTER SET:</div>'.$_SESSION["string"]."<br>";
echo '<div style="display: inline-block; width: 200px">GET:</div>'.str_replace("<", "&lt;", str_replace("<", "&lt;", $_GET["string"]))."<br>";
echo '<div style="display: inline-block; width: 200px">REQUEST:</div>'.str_replace("<", "&lt;", str_replace("<", "&lt;", $_REQUEST["string"]))."<br>";
echo '<div style="display: inline-block; width: 200px">GET:</div>'.str_replace("<", "&lt;", str_replace(">", "&gt;", $_GET["string"]))."<br>";
echo '<div style="display: inline-block; width: 200px">REQUEST:</div>'.str_replace("<", "&lt;", str_replace(">", "&gt;", $_REQUEST["string"]))."<br>";
echo '<br>...and hitting this button shouldn\'t change the values:<br><br>';
echo '<div onclick="window.location=\'test.php?string='.$_SESSION["string"].'\'" style="display: inline-block; background: #ccc; padding: 10px; cursor: pointer">Reload page with GET param</div>';
echo "<br><br>";
@@ -55,10 +55,8 @@ echo "<br><br><hr><br>";
echo '<b>TEST 3 of 3<br>Includes:</b><br>Attempt to include settings file:<br><br>';
echo '<b>TEST 3 of 3: Includes:</b><br>Attempt to include settings file:<br><br>';
$configSettings = 'config___settings.php';
$configUsersTemplate = 'config___users-template.php';
// Load config settings
include(dirname(__FILE__)."/lib/".$configSettings);
@@ -77,6 +75,7 @@ echo "<br><br><hr><br>";
echo "<b>Overall Test result:</b><br>";
echo $success." of 3 tests passed successfully<br><br>";
?>
</body>
</html>
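Review bot: The corrected GET and REQUEST echoes in the `@@ -38,8 +38,8 @@` hunk still build their output encoding from nested `str_replace` calls, which encode only `<` and `>` and leave `&`, `"` and `'` as they arrive. That holds for the element-body position these two lines print into, but it breaks as soon as the expression is copied into an attribute, so I would replace each with `htmlspecialchars($_GET["string"], ENT_QUOTES, 'UTF-8')` (and the same for `$_REQUEST["string"]`). In the `@@ -28,9 +28,9 @@` hunk the new `if (!isset($_GET["string"]))` test means a request that already carries `?string=` but has no session value reaches the "AFTER SET" echo and the reload button with `$_SESSION["string"]` unset; reading it as `isset($_SESSION["string"]) ? $_SESSION["string"] : ''` would keep the comparison visible without a notice. The `if` body continues past the end of that hunk, so whether the redirect is followed by `exit` cannot be seen from here.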