Commit b1ed926b authored by Marius Cramer's avatar Marius Cramer
Browse files

Improved input validation

parent f2fc77f2
...@@ -57,7 +57,7 @@ if(isset($_POST['records']) && is_array($_POST['records'])) { ...@@ -57,7 +57,7 @@ if(isset($_POST['records']) && is_array($_POST['records'])) {
$file_content = "<?php\n"; $file_content = "<?php\n";
foreach($_POST['records'] as $key => $val) { foreach($_POST['records'] as $key => $val) {
$val = stripslashes($val); $val = stripslashes($val);
$val = str_replace('"', '\"', $val); $val = preg_replace('/(^|[^\\\\])((\\\\\\\\)*)"/', '$1$2\\"', $val);
$val = str_replace('$', '', $val); $val = str_replace('$', '', $val);
$file_content .= '$wb['."'$key'".'] = "'.$val.'";'."\n"; $file_content .= '$wb['."'$key'".'] = "'.$val.'";'."\n";
$msg = 'File saved.'; $msg = 'File saved.';
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment