summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2014-06-21 23:56:28 +0200
committerMichael Tänzer <neo@nhng.de>2014-06-21 23:56:28 +0200
commit7fbd25520ae6d4920453961728b115d8a974eb97 (patch)
treee799a9172825a9c38b8f4c3acfba58b19d7a74b5
parent98d7e6833b3fb094d88b8aea74077e6f646665e8 (diff)
downloadcacert-devel-7fbd25520ae6d4920453961728b115d8a974eb97.tar.gz
cacert-devel-7fbd25520ae6d4920453961728b115d8a974eb97.tar.xz
cacert-devel-7fbd25520ae6d4920453961728b115d8a974eb97.zip
bug 1226: Treat the date values as integer
Signed-off-by: Michael Tänzer <neo@nhng.de>
-rw-r--r--pages/wot/5.php12
-rw-r--r--pages/wot/6.php6
-rw-r--r--www/wot.php6
3 files changed, 12 insertions, 12 deletions
diff --git a/pages/wot/5.php b/pages/wot/5.php
index a9c3dcb..7fdd1c5 100644
--- a/pages/wot/5.php
+++ b/pages/wot/5.php
@@ -28,13 +28,13 @@
}
if (!isset($_SESSION['assuresomeone']['year'])) {
- $_SESSION['assuresomeone']['year'] = '';
+ $_SESSION['assuresomeone']['year'] = 0;
}
if (!isset($_SESSION['assuresomeone']['month'])) {
- $_SESSION['assuresomeone']['month'] = '';
+ $_SESSION['assuresomeone']['month'] = 0;
}
if (!isset($_SESSION['assuresomeone']['day'])) {
- $_SESSION['assuresomeone']['day'] = '';
+ $_SESSION['assuresomeone']['day'] = 0;
}
?>
<? if(array_key_exists('noemailfound',$_SESSION['_config']) && $_SESSION['_config']['noemailfound'] == 1) { ?>
@@ -75,13 +75,13 @@
<?=_("Date of Birth")?><br/>
(<?=_("yyyy/mm/dd")?>)</td>
<td class="DataTD">
- <input type="text" name="year" value="<?=array_key_exists('year',$_SESSION['assuresomeone']) ? sanitizeHTML($_SESSION['assuresomeone']['year']):""?>" size="4" autocomplete="off"></nobr>
+ <input type="text" name="year" value="<?=array_key_exists('year',$_SESSION['assuresomeone']) && intval($_SESSION['assuresomeone']['year']) !== 0 ? intval($_SESSION['assuresomeone']['year']):''?>" size="4" autocomplete="off"></nobr>
<select name="month">
<?
for($i = 1; $i <= 12; $i++)
{
echo "<option value='$i'";
- if(array_key_exists('month',$_SESSION['assuresomeone']) && $_SESSION['assuresomeone']['month'] == $i)
+ if(array_key_exists('month',$_SESSION['assuresomeone']) && intval($_SESSION['assuresomeone']['month']) === $i)
echo " selected=\"selected\"";
echo ">".ucwords(strftime("%B", mktime(0,0,0,$i,1,date("Y"))))." ($i)</option>\n";
}
@@ -92,7 +92,7 @@ for($i = 1; $i <= 12; $i++)
for($i = 1; $i <= 31; $i++)
{
echo "<option";
- if(array_key_exists('day',$_SESSION['assuresomeone']) && $_SESSION['assuresomeone']['day'] == $i)
+ if(array_key_exists('day',$_SESSION['assuresomeone']) && intval($_SESSION['assuresomeone']['day']) === $i)
echo " selected=\"selected\"";
echo ">$i</option>";
}
diff --git a/pages/wot/6.php b/pages/wot/6.php
index 6934d0f..200a526 100644
--- a/pages/wot/6.php
+++ b/pages/wot/6.php
@@ -24,9 +24,9 @@
}
$row = $_SESSION['_config']['notarise'];
- $_SESSION['assuresomeone']['year'] = '';
- $_SESSION['assuresomeone']['month'] = '';
- $_SESSION['assuresomeone']['day'] = '';
+ $_SESSION['assuresomeone']['year'] = 0;
+ $_SESSION['assuresomeone']['month'] = 0;
+ $_SESSION['assuresomeone']['day'] = 0;
if($_SESSION['profile']['ttpadmin'] == 1)
// $methods = array("Face to Face Meeting", "Trusted 3rd Parties", "TopUP");
diff --git a/www/wot.php b/www/wot.php
index e1d1572..40a60a6 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -199,9 +199,9 @@ function send_reminder()
exit;
}
if ($_SESSION['profile']['ttpadmin'] != 1) {
- $_SESSION['assuresomeone']['year'] = mysql_real_escape_string(stripslashes($_POST['year']));
- $_SESSION['assuresomeone']['month'] = mysql_real_escape_string(stripslashes($_POST['month']));
- $_SESSION['assuresomeone']['day'] = mysql_real_escape_string(stripslashes($_POST['day']));
+ $_SESSION['assuresomeone']['year'] = intval($_POST['year']);
+ $_SESSION['assuresomeone']['month'] = intval($_POST['month']);
+ $_SESSION['assuresomeone']['day'] = intval($_POST['day']);
$dob = $_SESSION['assuresomeone']['year'] . '-' . sprintf('%02d',$_SESSION['assuresomeone']['month']) . '-' . sprintf('%02d', $_SESSION['assuresomeone']['day']);
if ( $_SESSION['_config']['notarise']['dob'] != $dob) {