summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2013-06-09 20:56:08 +0200
committerBenny Baumann <BenBE@geshi.org>2013-06-09 20:56:08 +0200
commite618f6d3540fe5a11e4f7bebe58c0fb894ed373f (patch)
treefce3c9c0716fd33a4491b2f03d4973e312f7d771 /includes
parentc8e4cfd43b3c6111a34ac9deb313acc78a46a376 (diff)
parenta6fee6fa9a8d65a2b955e009be9003006fc47a57 (diff)
downloadcacert-devel-e618f6d3540fe5a11e4f7bebe58c0fb894ed373f.tar.gz
cacert-devel-e618f6d3540fe5a11e4f7bebe58c0fb894ed373f.tar.xz
cacert-devel-e618f6d3540fe5a11e4f7bebe58c0fb894ed373f.zip
Merge branch 'bug-1137' into testserver-stable
Conflicts: pages/wot/6.php www/wot.php
Diffstat (limited to 'includes')
-rw-r--r--includes/wot.inc.php25
1 files changed, 19 insertions, 6 deletions
diff --git a/includes/wot.inc.php b/includes/wot.inc.php
index 59c6d13..9efcf8b 100644
--- a/includes/wot.inc.php
+++ b/includes/wot.inc.php
@@ -641,6 +641,7 @@ function AssureFoot($oldid,$confirm)
// double with notray.inc
/**
* write_user_agreement()
+ * writes a new record to the table user_agreement
*
* @param mixed $memid
* @param mixed $document
@@ -651,40 +652,52 @@ function AssureFoot($oldid,$confirm)
* @return
*/
function write_user_agreement($memid, $document, $method, $comment, $active=1, $secmemid=0){
- // write a new record to the table user_agreement
- $query="insert into `user_agreements` set `memid`=".$memid.", `secmemid`=".$secmemid.
- ",`document`='".$document."',`date`=NOW(), `active`=".$active.",`method`='".$method."',`comment`='".$comment."'" ;
+ //
+ $query="insert into `user_agreements` set `memid`=".intval($memid).", `secmemid`=".intval($secmemid).
+ ",`document`='".$document."',`date`=NOW(), `active`=".intval($active).",`method`='".$method."',`comment`='".$comment."'" ;
$res = mysql_query($query);
}
/**
* check_date_format()
+ * checks if the date is entered in the right date format YYYY-MM-DD and
+ * if the date is after the 1st January of the given year
*
* @param mixed $date
* @param integer $year
* @return
*/
function check_date_format($date, $year=2000){
- //checks if the date is entered in the right date format YYYY-MM-DD and if
if (!strpos($date,'-')) {
return FALSE;
}
$arr=explode('-',$date);
+
+ if ((count($arr)!=3)) {
+ return FALSE;
+ }
if (intval($arr[0])<=$year) {
return FALSE;
}
- return checkdate(intval($arr[1]), intval($arr[2]), intval($arr[0]));
+ if (intval($arr[1])>12 or intval($arr[1])<=0) {
+ return FALSE;
+ }
+ if (intval($arr[2])>31 or intval($arr[2])<=0) {
+ return FALSE;
+ }
+
+ return checkdate( intval($arr[1]), intval($arr[2]), intval($arr[0]));
}
/**
* check_date_differnce()
+ * returns false if the date is larger then today + time diffrence
*
* @param mixed $date
* @param integer $diff
* @return
*/
function check_date_differnce($date, $diff=1){
- //returns false if the date is larger then today + time diffrence
return (strtotime($date)<=time()+$diff*86400);
}