From 89c6aa2d87cb1446e41f3c9b7767d283c6c600d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Sun, 5 Jan 2014 05:04:41 +0100 Subject: [PATCH] Removed unused/unuseful injection checks on open survey creation --- htdocs/langs/en_US/opensurvey.lang | 1 - htdocs/opensurvey/public/choix_autre.php | 7 +------ htdocs/opensurvey/public/create_survey.php | 7 +------ 3 files changed, 2 insertions(+), 13 deletions(-) diff --git a/htdocs/langs/en_US/opensurvey.lang b/htdocs/langs/en_US/opensurvey.lang index f29dade011c..82126d16ef8 100644 --- a/htdocs/langs/en_US/opensurvey.lang +++ b/htdocs/langs/en_US/opensurvey.lang @@ -73,6 +73,5 @@ PublicLinkToCreateSurvey=Public link to allow everybody to create a survey ErrorOpenSurveyFillFirstSection=You haven't filled the first section of the poll creation ErrorOpenSurveyOneChoice=Enter at least one choice ErrorOpenSurveyDateFormat=Date must be have the format DD/MM/YYYY -ErrorOpenSurveyInvalidChars=Characters \" < and > are not permitted MoreChoices=Enter more choices for the voters AfterCreationInfo=Once you have confirmed the creation of your poll, you will be automatically redirected on the page of your poll.
Then, you will receive quickly an email contening the link to your poll for sending it to the voters. \ No newline at end of file diff --git a/htdocs/opensurvey/public/choix_autre.php b/htdocs/opensurvey/public/choix_autre.php index ccb50a899f0..4785a2b6e28 100644 --- a/htdocs/opensurvey/public/choix_autre.php +++ b/htdocs/opensurvey/public/choix_autre.php @@ -42,7 +42,6 @@ $origin=GETPOST('origin','alpha'); */ // Set session vars -$erreur_injection = false; if (isset($_SESSION["nbrecases"])) { for ($i = 0; $i < $_SESSION["nbrecases"]; $i++) { if (isset($_POST["choix"][$i])) { @@ -188,11 +187,7 @@ if ($testdate === false) { print "
" . $langs->trans("ErrorOpenSurveyDateFormat") . "

"."\n"; } -if ($erreur_injection) { - print "" . $langs->trans("ErrorOpenSurveyInvalidChars") . "

\n"; -} - -if ((isset($_POST["fin_sondage_autre"]) || isset($_POST["fin_sondage_autre_x"])) && !$erreur && !$erreur_injection) { +if ((isset($_POST["fin_sondage_autre"]) || isset($_POST["fin_sondage_autre_x"])) && !$erreur) { //demande de la date de fin du sondage print '
'."\n"; print '
'."\n"; diff --git a/htdocs/opensurvey/public/create_survey.php b/htdocs/opensurvey/public/create_survey.php index f0f99fe7659..505adbee1d3 100644 --- a/htdocs/opensurvey/public/create_survey.php +++ b/htdocs/opensurvey/public/create_survey.php @@ -51,9 +51,6 @@ foreach ($session_var as $var) // On initialise également les autres variables $erreur_adresse = false; -$erreur_injection_titre = false; -$erreur_injection_nom = false; -$erreur_injection_commentaires = false; $cocheplus = ''; $cochemail = ''; @@ -86,9 +83,7 @@ if (GETPOST("creation_sondage_date") || GETPOST("creation_sondage_autre") || GET if (! isValidEmail($adresse)) $erreur_adresse = true; - //var_dump($titre.' - '.$nom.' - '.$adresse.' - '.!$erreur_adresse.' - '.! $erreur_injection_titre.' - '.! $erreur_injection_commentaires.' - '.! $erreur_injection_nom.' - '.$creation_sondage_date.' - '.$creation_sondage_autre); exit; - - if ($titre && $nom && $adresse && !$erreur_adresse && ! $erreur_injection_titre && ! $erreur_injection_commentaires && ! $erreur_injection_nom) + if ($titre && $nom && $adresse && !$erreur_adresse) { if (! empty($creation_sondage_date)) {