Changeset 2771:fd1fc8978a13 for plugins/pages/_public.php

Timestamp:

11/07/14 14:53:06 (11 years ago)

Author:

franck <carnet.franck.paul@…>

Branch:

default

Message:

Prevents integer conversion of "post_id" array key, address #1970

File:

• plugins/pages/_public.php (modified) (1 diff)

plugins/pages/_public.php

@@ -79 +79 @@
 
                          # Check for match
+                         # Note: We must prefix post_id key with '#'' in pwd_cookie array in order to avoid integer conversion
+                         # because MyArray["12345"] is treated as MyArray[12345]
                          if ((!empty($_POST['password']) && $_POST['password'] == $post_password)
-                         || (isset($pwd_cookie[$post_id]) && $pwd_cookie[$post_id] == $post_password))
-                         {
-                              $pwd_cookie[$post_id] = $post_password;
+                         || (isset($pwd_cookie['#'.$post_id]) && $pwd_cookie['#'.$post_id] == $post_password))
+                         {
+                              $pwd_cookie['#'.$post_id] = $post_password;
                               setcookie('dc_passwd',json_encode($pwd_cookie),0,'/');
                          }