← Back to branch summary

~ubuntu-branches/ubuntu/maverick/cacti/maverick-security

« back to all changes in this revision

Viewing changes to lib/timespan_settings.php

  • Committer: Bazaar Package Importer
  • Author(s): Sean Finney
  • Date: 2010-08-17 22:22:02 UTC
  • mfrom: (1.1.11 upstream)
  • Revision ID: james.westby@ubuntu.com-20100817222202-4a173d1dfbfswz71
Tags: 0.8.7g-1
http://bugs.debian.org/592465
http://bugs.debian.org/593203
http://bugs.debian.org/578909
* New upstream release (Closes: #592465).
* Update context in 05_no-adodb.patch to remove fuzz.
* Remove "official" patches from previous release.
* Remove 563955_undefined_index_local_data_id.patch, incorporated upstream.
* Remove CVE-2010-2092.patch, incorporated upstream.
* Import new batch of "official" upstream patches.
* Update apache configuration to work in FastCGI deployments (Closes: #593203).
   - thanks to Thijs Kinkhorst <thijs@uvt.nl> (Closes: #578909).

Show diffs side-by-side

added added

removed removed

Lines of Context:
lib/timespan_settings.php
1
1
<?php
2
2
/*
3
3
 +-------------------------------------------------------------------------+
4
 
 | Copyright (C) 2004-2009 The Cacti Group                                 |
 
4
 | Copyright (C) 2004-2010 The Cacti Group                                 |
5
5
 |                                                                         |
6
6
 | This program is free software; you can redistribute it and/or           |
7
7
 | modify it under the terms of the GNU General Public License             |
125
125
        if (isset($_POST["date1"])) {
126
126
                /* the dates have changed, therefore, I am now custom */
127
127
                if (($_SESSION["sess_current_date1"] != $_POST["date1"]) || ($_SESSION["sess_current_date2"] != $_POST["date2"])) {
128
 
                        $timespan["current_value_date1"] = $_POST["date1"];
 
128
                        $timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
129
129
                        $timespan["begin_now"] =strtotime($timespan["current_value_date1"]);
130
 
                        $timespan["current_value_date2"] = $_POST["date2"];
 
130
                        $timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
131
131
                        $timespan["end_now"]=strtotime($timespan["current_value_date2"]);
132
132
                        $_SESSION["sess_current_timespan"] = GT_CUSTOM;
133
133
                        $_SESSION["custom"] = 1;
135
135
                }else {
136
136
                        /* the default button wasn't pushed */
137
137
                        if (!isset($_POST["button_clear_x"])) {
138
 
                                $timespan["current_value_date1"] = $_POST["date1"];
139
 
                                $timespan["current_value_date2"] = $_POST["date2"];
 
138
                                $timespan["current_value_date1"] = sanitize_search_string($_POST["date1"]);
 
139
                                $timespan["current_value_date2"] = sanitize_search_string($_POST["date2"]);
140
140
                                $timespan["begin_now"] = $_SESSION["sess_current_timespan_begin_now"];
141
141
                                $timespan["end_now"] = $_SESSION["sess_current_timespan_end_now"];
142
142
 
150
150
                                }
151
151
 
152
152
                                /* custom display refresh */
153
 
                                if ($_SESSION["custom"]) {
 
153
                                if (isset($_SESSION["custom"])) {
154
154
                                        $_SESSION["sess_current_timespan"] = GT_CUSTOM;
155
155
                                /* refresh the display */
156
156
                                }else {