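/**
 * Test MAX_commonRemoveSpecialChars() against a nested array of strings.
 *
 * The helper is handed an array holding one string and one nested array and
 * is expected to modify the values in place. The inputs exercise:
 *   1. slash stripping, when magic quotes are turned on;
 *   2. HTML removal ("<br />" must be gone from the first value);
 *   3. removal of the trailing CRLF.
 *
 * What the expected values show about the helper: the single quotes survive
 * ("Mr O'Reilly", "'Mr Reilly'"). A value that has passed through the helper
 * is therefore still not safe to place in an SQL string or a quoted HTML
 * attribute; callers need parameterised queries and context-specific output
 * escaping in addition to this clean-up.
 *
 * @access public
 * @return void
 */
function test_MAX_commonRemoveSpecialChars()
{
    $this->sendMessage('test_MAX_commonRemoveSpecialChars');

    // get_magic_quotes_gpc() was removed in PHP 8.0; calling it there is a
    // fatal error. Treat a missing function as "magic quotes off".
    $magicQuotesOn = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    if ($magicQuotesOn) {
        // With magic quotes on, request data arrives with quotes already
        // backslash-escaped, so the fixtures carry the backslashes too.
        $strIn0 = "Mr O\\'Reilly<br />" . chr(13) . chr(10);
        $strIn1 = "\\'Mr Reilly\\'\r\n";
    } else {
        $strIn0 = "Mr O'Reilly<br />" . chr(13) . chr(10);
        $strIn1 = "'Mr Reilly'\r\n";
    }

    // Expected results are the same in both configurations.
    $strRe0 = "Mr O'Reilly";
    $strRe1 = "'Mr Reilly'";

    // One top-level value and one nested value, to check that the helper
    // descends into sub-arrays.
    $aIn = array(0 => $strIn0, 1 => array(0 => $strIn1));
    MAX_commonRemoveSpecialChars($aIn);

    $this->assertEqual($aIn[0], $strRe0);
    $this->assertEqual($aIn[1][0], $strRe1, 'test_MAX_commonRemoveSpecialChars');
}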
| Copyright: See the COPYRIGHT.txt file. |
| License: GPLv2 or later, see the LICENSE.txt file. |
+---------------------------------------------------------------------------+
*/

// Require the initialisation file
require_once '../../init.php';

// Required files
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/www/admin/lib-statistics.inc.php';
require_once MAX_PATH . '/lib/max/other/html.php';

// Register input variables
phpAds_registerGlobal('action', 'variablemethod');

// Since there may be an unknown number of variables posted (which are accessed by $_POST directly in the code below),
// clean the whole $_POST array
// NOTE(review): this is a blanket input clean-up, not output encoding. What it
// strips is defined in MAX_commonRemoveSpecialChars(), which is not shown here;
// values read from $_POST further down still need escaping for the context in
// which they are used (SQL, HTML). Whether array keys are cleaned as well as
// values cannot be told from these lines - confirm, since the code below reads
// an unknown set of keys.
MAX_commonRemoveSpecialChars($_POST);

/*-------------------------------------------------------*/
/* Affiliate interface security */
/*-------------------------------------------------------*/

// The account-type check and the two per-object access checks run before any
// preference is stored.
// NOTE(review): $clientid and $trackerid are not registered in the visible
// lines (only 'action' and 'variablemethod' are); presumably an included file
// sets them - confirm where they come from and that they cannot reach the
// code below without passing these checks.
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER);
OA_Permission::enforceAccessToObject('clients', $clientid);
OA_Permission::enforceAccessToObject('trackers', $trackerid);

/*-------------------------------------------------------*/
/* Store preferences */
/*-------------------------------------------------------*/

// Remember the selected client for the current entity in the session.
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
phpAds_SessionDataStore();

/*-------------------------------------------------------*/
/* HTML framework */
/*-------------------------------------------------------*/

if (!isset($variables)) {
// Split the string on $delim and store each name=value pair in $aArr;
// elements that contain no '=' are skipped.
$aElements = explode($delim, $qs);
foreach ($aElements as $element) {
    $len = strpos($element, '=');
    if ($len !== false) {
        $name = substr($element, 0, $len);
        $value = substr($element, $len + 1);
        // Only the value is URL-decoded; the name is stored as received.
        $aArr[$name] = urldecode($value);
    }
}
}

// Prevent click from being cached by browsers
MAX_commonSetNoCacheHeaders();

// Convert specially encoded params into the $_REQUEST variable
MAX_querystringConvertParams();

// Remove any special characters
// NOTE(review): this runs after the conversion above, so the converted
// parameters are presumably covered by the clean-up as well - confirm that the
// conversion writes into $_REQUEST. The call is input clean-up, not validation:
// what it strips is defined in MAX_commonRemoveSpecialChars(), not shown here.
MAX_commonRemoveSpecialChars($_REQUEST);

// Get the variables
$viewerId = MAX_cookieGetUniqueViewerID();
if (!empty($GLOBALS['_MAX']['COOKIE']['newViewerId']) && empty($_GET[$conf['var']['cookieTest']])) {
    // No previous cookie was found, and we have not tried to force setting one...
    MAX_cookieSetViewerIdAndRedirect($viewerId);
}

// Each of these request parameters may hold several values joined by
// MAX_DELIVERY_MULTIPLE_DELIMITER; explode() turns them into arrays of strings,
// and a missing parameter becomes an empty array.
// NOTE(review): no integer cast or range check on the IDs is visible in these
// lines - confirm they are validated before they reach a query or a log entry.
$adId = isset($_REQUEST[$conf['var']['adId']]) ? explode($GLOBALS['_MAX']['MAX_DELIVERY_MULTIPLE_DELIMITER'], $_REQUEST[$conf['var']['adId']]) : array();
$zoneId = isset($_REQUEST[$conf['var']['zoneId']]) ? explode($GLOBALS['_MAX']['MAX_DELIVERY_MULTIPLE_DELIMITER'], $_REQUEST[$conf['var']['zoneId']]) : array();
$creativeId = isset($_REQUEST[$conf['var']['creativeId']]) ? explode($GLOBALS['_MAX']['MAX_DELIVERY_MULTIPLE_DELIMITER'], $_REQUEST[$conf['var']['creativeId']]) : array();
$lastClick = isset($_REQUEST[$conf['var']['lastClick']]) ? explode($GLOBALS['_MAX']['MAX_DELIVERY_MULTIPLE_DELIMITER'], $_REQUEST[$conf['var']['lastClick']]) : array();
// Unlike the values above, this one is taken from the request as received and
// is not split on the delimiter.
$aBlockLoggingClick = isset($_REQUEST[$conf['var']['blockLoggingClick']]) ? $_REQUEST[$conf['var']['blockLoggingClick']] : array();

// No ad ID was passed but zone IDs were: look up an ad for each zone with
// _getZoneAd() and set the creative ID at the same index to 0.
if (empty($adId) && !empty($zoneId)) {
    foreach ($zoneId as $index => $zone) {
        $adId[$index] = _getZoneAd($zone);
        $creativeId[$index] = 0;