if (!mysql_select_db($dbname, $GLOBALS['dbConn'])) { die("Database not found. Check configurations"); } @sql_query("SET NAMES '" . $GLOBALS['db_conn_names'] . "'", $GLOBALS['dbConn']); @sql_query("SET CHARACTER SET '" . $GLOBALS['db_conn_char_set'] . "'", $GLOBALS['dbConn']); // load lms setting ------------------------------------------------------------------ session_name("docebo_session"); session_start(); // load regional setting -------------------------------------------------------------- // load current user from session ----------------------------------------------------- require_once _base_ . '/lib/lib.user.php'; $GLOBALS['current_user'] =& DoceboUser::createDoceboUserFromSession('public_area'); //require_once(_i18n_.'/lib.lang.php'); require_once _base_ . '/lib/lib.template.php'; require_once _base_ . '/lib/lib.utils.php'; // security check -------------------------------------------------------------------- chkInput($_GET); chkInput($_POST); chkInput($_COOKIE); $GLOBALS['operation_result'] = ''; function aout($string) { $GLOBALS['operation_result'] .= $string; } // here all the specific code ========================================================== // ===================================================================================== // close database connection mysql_close($GLOBALS['dbConn']); ob_clean(); echo $GLOBALS['operation_result']; ob_end_flush();
function chkInput(&$arrData, $deeper = TRUE, $deep_reached = 0) { $good = TRUE; if ($deep_reached > CHK_MAX_DEEP) { return; } while (list($key, $val) = each($arrData)) { // check key ---------------------------------------------------------- $new_key = $key; if (get_magic_quotes_gpc()) { $new_key = stripslashes($new_key); } if (!dontCleanHtml($key)) { $new_key = kses($new_key); } $new_key = mysql_escape_string($new_key); if ($new_key != $key) { $arrData[$new_key] = $arrData[$key]; unset($arrData[$key]); $key = $new_key; $good = FALSE; } // check value -------------------------------------------------------- if (is_array($val) && $deeper) { // if $val is array and deeper is TRUE we call chkInput recursively if (!chkInput($val, $deeper, $deep_reached++)) { // if $val is changed reassign to containers array $arrData[$key] = $val; $good = FALSE; } } elseif (is_string($val)) { $new_val = $val; if (!dontReplaceBaseUrl($key)) { $new_val = putSiteBaseUrlTag($new_val); } if (get_magic_quotes_gpc()) { $new_val = stripslashes($new_val); } if (!dontCleanHtml($key)) { $new_val = kses($new_val); } $new_val = mysql_escape_string($new_val); if ($new_val != $val) { $arrData[$key] = $new_val; $good = FALSE; } } } // end while ------------------------------------------------------------ return $good; }