]> git.p6c8.net - jirafeau_project.git/blobdiff - lib/functions.php
git.p6c8.net / jirafeau_project.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
update README.md for IE compatibility mode
[jirafeau_project.git] / lib / functions.php
diff --git a/lib/functions.php b/lib/functions.php
index 77acae1bd973f281586111e295bf096eef3234bd..0f42e217d7ba380c16e1940333fa85807fcd415e 100644 (file)
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -614,7 +614,7 @@ jirafeau_admin_list ($name, $file_hash, $link_hash)
                     continue;
 
                 /* Filter. */
-                if (!empty ($name) && !preg_match ("/$name/i", $l['file_name']))
+                if (!empty ($name) && !preg_match ("/$name/i", htmlspecialchars($l['file_name'])))
                     continue;
                 if (!empty ($file_hash) && $file_hash != $l['md5'])
                     continue;
@@ -626,7 +626,7 @@ jirafeau_admin_list ($name, $file_hash, $link_hash)
                 '<form action = "admin.php" method = "post">' .
                 '<input type = "hidden" name = "action" value = "download"/>' .
                 '<input type = "hidden" name = "link" value = "' . $node . '"/>' .
-                '<input type = "submit" value = "' . $l['file_name'] . '" />' .
+                '<input type = "submit" value = "' . htmlspecialchars($l['file_name']) . '" />' .
                 '</form>';
                 echo '</td>';
                 echo '<td>' . $l['mime_type'] . '</td>';
@@ -1134,3 +1134,14 @@ function get_ip_address($cfg) {
     }
     return $_SERVER['REMOTE_ADDR'];
 }
+
+/**
+ * Convert hexadecimal string to base64
+ */
+function hex_to_base64($hex)
+{
+    $b = '';
+    foreach (str_split ($hex, 2) as $pair)
+        $b .= chr (hexdec ($pair));
+    return base64_encode ($b);
+}
Fork of Jirafeau by a group of developers after mojo42 discontinued it; main repository at https://gitlab.com/jirafeau/Jirafeau

patrick-canterino.de