
<?php
/*
Notice: all request input (GET parameters, cookies) must be checked with the xss_clean function before use. An XSS filter does not make a value safe for SQL: anything that ends up in a query (e.g. the bbsessionhash cookie below) must be escaped or bound as a parameter separately.
*/
include("connect.php"); // DB settings & a lil bit sql-functions
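// Log out when the request explicitly asks for it via "?get=logout".
// The previous test, `!empty($_GET["get"]) == "logout"`, compared a boolean
// with a string: in PHP `true == "logout"` is true, so ANY non-empty value of
// "get" triggered a logout. Compare the actual value instead.
// NOTE(review): logout is still reachable from a plain GET link, so a third-party
// page can log the user out (CSRF) — consider requiring POST plus a token.
if (isset($_GET['get']) && $_GET['get'] === 'logout') {
    logout();
}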
// Get name of auth user
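// Get name of auth user
//
// Looks up the vBulletin session identified by the "bbsessionhash" cookie and
// returns the matching username; the same value is stored in $_SESSION['login'].
// Returns null when the cookie is absent/empty or no session+user row matches.
// NOTE(review): $_SESSION is written here but session_start() is not visible in
// this file — presumably connect.php does it; confirm.
function get_auth_username(){
    if (empty($_COOKIE['bbsessionhash'])) {
        return null;
    }
    DBSelect('forum');
    // The cookie is attacker-controlled; it must not be interpolated raw into SQL.
    // Escaping follows the ext/mysql style this file already uses (mysql_query);
    // a prepared statement (mysqli/PDO) is the preferred fix once connect.php
    // exposes one.
    $hash = mysql_real_escape_string($_COOKIE['bbsessionhash']);
    $sql = "select user.username, user.usergroupid from session, user
            where sessionhash='" . $hash . "'
            and session.userid = user.userid";
    $user = Select2String($sql);
    // Select2String's failure value is not visible here (false, null or an empty
    // array are all plausible); anything without a username means "not logged in".
    $username = (is_array($user) && isset($user['username'])) ? $user['username'] : null;
    $_SESSION['login'] = $username;
    return $username;
}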
// Logout from vBulletin
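// Logout from vBulletin
//
// Deletes the vBulletin session row named by the "bbsessionhash" cookie, expires
// that cookie in the browser, then emits a JavaScript redirect. Does nothing when
// the cookie is absent or empty.
function logout(){
    if (empty($_COOKIE['bbsessionhash'])) {
        return;
    }
    DBSelect('forum');
    // The cookie is attacker-controlled; it must not be interpolated raw into SQL.
    // Escaping follows the ext/mysql style this file already uses (mysql_query);
    // a prepared statement (mysqli/PDO) is the preferred fix once connect.php
    // exposes one.
    $hash = mysql_real_escape_string($_COOKIE['bbsessionhash']);
    mysql_query("DELETE FROM session WHERE sessionhash='" . $hash . "'");
    // Resetting $_COOKIE only clears this request's copy; the browser keeps the
    // cookie until it is expired explicitly, so expire it before any output.
    // NOTE(review): path/domain must match how vBulletin set the cookie — confirm.
    setcookie('bbsessionhash', '', time() - 3600, '/');
    $_COOKIE = array();
    echo "Redirecting...";
    // NOTE(review): hard-coded localhost development URL — make it configurable
    // before deploying anywhere else.
    echo "<script language=\"JavaScript\">window.location = 'http://127.0.0.1/test/NetBeansProjects/PhpProject1/example.php';</script>";
}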