0ct0pu5/wiby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add files via upload

Browse source
This commit is contained in:
wibyweb 2023-05-23 10:11:48 -04:00 committed by GitHub
parent 713e55b166
commit 88a529326e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
html/submit/index.php
View file

@ -4,7 +4,7 @@
{
include 'form.html.php';
}
else if($_POST['url'] == '' || strpos("x".$_POST['url'],'.') == false || strpos("x".$_POST['url'],' ') == true)
else if($_POST['url'] == '' || strpos("x".$_POST['url'],'.') == false || strpos(trim("x".$_POST['url']),' ') == true)
{
echo "It doesn't look like you submitted a valid URL.";
include 'form.html.php';
@ -50,8 +50,11 @@
exit();
}
$url = mysqli_real_escape_string($link, $_POST['url']);
$url = str_replace("''", "%27", $url);
$url = mysqli_real_escape_string($link, $_POST['url']);
$url = str_replace("''", "%27", $url);
$url = str_replace(":443", "", $url);
$url = trim($url);
//$url = str_replace("\"", "\"\"", $url); //not needed if using single quotes for query
$url = substr($url,0,400); //don't allow user to post a longer url than 400b (also limited in form)
$worksafe = mysqli_real_escape_string($link, $_POST['worksafe']);