moparisthebest
/
moparscape.org-smf
mirror of https://github.com/moparisthebest/moparscape.org-smf
1
0
Fork 0
Code Issues Releases Wiki Activity

simpleportal with eval removed

This commit is contained in:
Tom 2014-05-20 16:10:36 +00:00
parent 4df31ab18f
commit 46ba401666
6 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
Packages/SimplePortal_2.3.5.zip
View File

Binary file not shown.

BIN
Packages/backups/2014-05-20_backup_SimplePortal_2.tar.gz Normal file
View File

Binary file not shown.

BIN
Packages/backups/2014-05-20_before_SimplePortal_2.tar.gz Normal file
View File

Binary file not shown.

2
Packages/installed.list
View File

@ -1 +1 @@
1400527916
1400602042

4
Sources/PortalBlocks.php
View File

@ -3550,7 +3550,7 @@ function sp_php($parameters, $id, $return_parameters = false)
if ($return_parameters)
return $block_parameters;
$content = !empty($parameters['content']) ? $parameters['content'] : '';
$content = " ";
$content = trim(un_htmlspecialchars($content));
if (substr($content, 0, 5) == '<?php')
@ -3558,7 +3558,7 @@ function sp_php($parameters, $id, $return_parameters = false)
if (substr($content, -2) == '?>')
$content = substr($content, 0, -2);
eval($content);
//eval($content);
}
?>

5
Sources/Subs-Portal.php
View File

@ -509,7 +509,8 @@ function getShowInfo($block_id = null, $display = null, $custom = null)
);
}
return @eval(str_replace(array_keys($variables), array_values($variables), un_htmlspecialchars(substr($custom, 4))) . ';');
//return @eval(str_replace(array_keys($variables), array_values($variables), un_htmlspecialchars(substr($custom, 4))) . ';');
return "";
}
$custom = explode(',', $custom);
@ -1154,7 +1155,7 @@ function sportal_parse_page($body, $type)
$body = trim(un_htmlspecialchars($body));
$body = trim($body, '<?php');
$body = trim($body, '?>');
eval($body);
//eval($body);
}
}