Commit cdced57c authored by Leigh Stoller's avatar Leigh Stoller

Fix PHP warnings.

parent 0dcce19a
...@@ -583,7 +583,8 @@ function SPITFORM($formfields, $errors) ...@@ -583,7 +583,8 @@ function SPITFORM($formfields, $errors)
<td><input type='checkbox' <td><input type='checkbox'
name='formfields[exp_autoswap]' name='formfields[exp_autoswap]'
value='1' "; value='1' ";
if ($formfields['exp_autoswap'] == "1") { if (isset($formfields['exp_autoswap']) &&
$formfields['exp_autoswap'] == "1") {
echo " checked='1'"; echo " checked='1'";
} }
echo "></td> echo "></td>
......
...@@ -16,22 +16,10 @@ require("defs.php3"); ...@@ -16,22 +16,10 @@ require("defs.php3");
# #
RequiredPageArguments(); RequiredPageArguments();
# # Must be logged in.
# We look for anon access, and if so, redirect to ops web server. $this_user = CheckLoginOrDie();
# WARNING: See the LOGGEDINORDIE() calls below. $uid = $this_user->uid();
# $isadmin = ISADMIN();
$this_user = CheckLogin($check_status);
# Redirect now, to avoid phishing.
if ($this_user) {
CheckLoginOrDie();
}
else {
$url = $OPSCVSURL . "?cvsroot=$pid";
header("Location: $url");
return;
}
# #
# Form the real url. # Form the real url.
......
...@@ -374,24 +374,13 @@ function CHECKURL($url, &$error) { ...@@ -374,24 +374,13 @@ function CHECKURL($url, &$error) {
return 0; return 0;
} }
$fp = @fopen($url, "r"); $fp = fopen($url, "r");
if (! $fp) { if (!$fp) {
$is_redirect = 0;
# Check to see if it was a redirect, in which case its OK
for ($i = 0; $i < count($http_response_header); $i++) {
if (!strcmp("Location:", substr($http_response_header[$i],0,9))) {
$is_redirect = 1;
}
}
if (!$is_redirect) {
$error = "URL is not valid; Cannot be accessed!"; $error = "URL is not valid; Cannot be accessed!";
return 0; return 0;
} }
} else {
fclose($fp); fclose($fp);
} }
}
return 1; return 1;
} }
......
...@@ -1032,31 +1032,36 @@ function DOLOGOUT($user) { ...@@ -1032,31 +1032,36 @@ function DOLOGOUT($user) {
$CHECKLOGIN_STATUS = CHECKLOGIN_NOTLOGGEDIN; $CHECKLOGIN_STATUS = CHECKLOGIN_NOTLOGGEDIN;
$curhash = "";
$hashhash = "";
if (isset($HTTP_COOKIE_VARS[$TBAUTHCOOKIE])) {
$curhash = $HTTP_COOKIE_VARS[$TBAUTHCOOKIE]; $curhash = $HTTP_COOKIE_VARS[$TBAUTHCOOKIE];
}
if (isset($HTTP_COOKIE_VARS[$TBLOGINCOOKIE])) {
$hashhash = $HTTP_COOKIE_VARS[$TBLOGINCOOKIE]; $hashhash = $HTTP_COOKIE_VARS[$TBLOGINCOOKIE];
}
# #
# We have to get at least one of the hashes. # We have to get at least one of the hashes.
# #
if (!isset($curhash) && !isset($hashhash)) { if ($curhash == "" && $hashhash == "") {
return 1; return 1;
} }
if (isset($curhash) && if ($curhash != "" &&
! preg_match("/^[\w]+$/", $curhash)) { ! preg_match("/^[\w]+$/", $curhash)) {
return 1; return 1;
} }
if (isset($hashhash) && if ($hashhash != "" &&
! preg_match("/^[\w]+$/", $hashhash)) { ! preg_match("/^[\w]+$/", $hashhash)) {
return 1; return 1;
} }
$safe_curhash = addslashes($curhash);
$safe_hashhash = addslashes($hashhash);
DBQueryFatal("delete from login ". DBQueryFatal("delete from login ".
" where uid_idx='$uid_idx' and ". " where uid_idx='$uid_idx' and ".
(isset($curhash) ? ($curhash != "" ?
"hashkey='$safe_curhash'" : "hashkey='$curhash'" :
"hashhash='$safe_hashhash'")); "hashhash='$hashhash'"));
# Delete by giving timeout in the past # Delete by giving timeout in the past
$timeout = time() - 3600; $timeout = time() - 3600;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment