Commit cdced57c authored by Leigh Stoller's avatar Leigh Stoller

Fix PHP warnings.

parent 0dcce19a
......@@ -583,7 +583,8 @@ function SPITFORM($formfields, $errors)
<td><input type='checkbox'
name='formfields[exp_autoswap]'
value='1' ";
if ($formfields['exp_autoswap'] == "1") {
if (isset($formfields['exp_autoswap']) &&
$formfields['exp_autoswap'] == "1") {
echo " checked='1'";
}
echo "></td>
......
......@@ -16,22 +16,10 @@ require("defs.php3");
#
RequiredPageArguments();
#
# We look for anon access, and if so, redirect to ops web server.
# WARNING: See the LOGGEDINORDIE() calls below.
#
$this_user = CheckLogin($check_status);
# Redirect now, to avoid phishing.
if ($this_user) {
CheckLoginOrDie();
}
else {
$url = $OPSCVSURL . "?cvsroot=$pid";
header("Location: $url");
return;
}
# Must be logged in.
$this_user = CheckLoginOrDie();
$uid = $this_user->uid();
$isadmin = ISADMIN();
#
# Form the real url.
......
......@@ -374,24 +374,13 @@ function CHECKURL($url, &$error) {
return 0;
}
$fp = @fopen($url, "r");
if (! $fp) {
$is_redirect = 0;
# Check to see if it was a redirect, in which case its OK
for ($i = 0; $i < count($http_response_header); $i++) {
if (!strcmp("Location:", substr($http_response_header[$i],0,9))) {
$is_redirect = 1;
}
}
if (!$is_redirect) {
$fp = fopen($url, "r");
if (!$fp) {
$error = "URL is not valid; Cannot be accessed!";
return 0;
}
} else {
fclose($fp);
}
}
return 1;
}
......
......@@ -1032,31 +1032,36 @@ function DOLOGOUT($user) {
$CHECKLOGIN_STATUS = CHECKLOGIN_NOTLOGGEDIN;
$curhash = "";
$hashhash = "";
if (isset($HTTP_COOKIE_VARS[$TBAUTHCOOKIE])) {
$curhash = $HTTP_COOKIE_VARS[$TBAUTHCOOKIE];
}
if (isset($HTTP_COOKIE_VARS[$TBLOGINCOOKIE])) {
$hashhash = $HTTP_COOKIE_VARS[$TBLOGINCOOKIE];
}
#
# We have to get at least one of the hashes.
#
if (!isset($curhash) && !isset($hashhash)) {
if ($curhash == "" && $hashhash == "") {
return 1;
}
if (isset($curhash) &&
if ($curhash != "" &&
! preg_match("/^[\w]+$/", $curhash)) {
return 1;
}
if (isset($hashhash) &&
if ($hashhash != "" &&
! preg_match("/^[\w]+$/", $hashhash)) {
return 1;
}
$safe_curhash = addslashes($curhash);
$safe_hashhash = addslashes($hashhash);
DBQueryFatal("delete from login ".
" where uid_idx='$uid_idx' and ".
(isset($curhash) ?
"hashkey='$safe_curhash'" :
"hashhash='$safe_hashhash'"));
($curhash != "" ?
"hashkey='$curhash'" :
"hashhash='$hashhash'"));
# Delete by giving timeout in the past
$timeout = time() - 3600;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment