From e55d5bb64688961813d47812ff642cdbffb10375 Mon Sep 17 00:00:00 2001 From: Christian Schneider Date: Sun, 11 Nov 2007 14:17:44 +0000 Subject: Changed it_untaint and it_taintcheck to not modify input var --- auto_prepend.php | 8 ++++---- itjs.class | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/auto_prepend.php b/auto_prepend.php index 0b8bb68..7500061 100644 --- a/auto_prepend.php +++ b/auto_prepend.php @@ -154,8 +154,8 @@ function db_version() */ if (function_exists("taint")) { - function it_untaint(&$value, $marks = TC_HTML) { untaint($value, $marks); return $value; } - function it_taintcheck(&$value, $marks = TC_HTML) { if (istainted($value) & $marks) { untaint($value, $marks); it::error("it_taintcheck($value, $marks) failed"); } return $value; } + function it_untaint($value, $marks = TC_HTML) { untaint($value, $marks); return $value; } + function it_taintcheck($value, $marks = TC_HTML) { if (istainted($value) & $marks) { untaint($value, $marks); it::error(it_untaint("it_taintcheck($value, $marks) failed")); } return $value; } } else { @@ -166,8 +166,8 @@ else define('TC_SELF', 0); define('TC_ALL', 0); define('TC_NONE', 0); - function it_untaint(&$value, $marks = 0) { return $value; } - function it_taintcheck(&$value, $marks = 0) { return $value; } + function it_untaint($value, $marks = 0) { return $value; } + function it_taintcheck($value, $marks = 0) { return $value; } } ?> diff --git a/itjs.class b/itjs.class index df80123..a040d79 100644 --- a/itjs.class +++ b/itjs.class @@ -56,7 +56,7 @@ function serialize($values, $envelope = false) } } - return $header . itjs::encode($values) . $footer; + return it_untaint($result = $header . itjs::encode($values) . $footer); } /* -- cgit v1.2.3