Skip to content
Snippets Groups Projects
Commit d9b739c4 authored by Olav Morken's avatar Olav Morken
Browse files

Remove previously added magic quotes cleanup functions. 

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@196 44740490-163a-0410-bde0-09ae8108e29a
parent a18b3b08
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php
+ 0
28
View file @ d9b739c4
...@@ -91,10 +91,6 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect { ...@@ -91,10 +91,6 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
if($_GET['RelayState']) { if($_GET['RelayState']) {
$relaystate = $_GET['RelayState']; $relaystate = $_GET['RelayState'];
/* Remove any magic quotes that php may have added. */
if(get_magic_quotes_gpc()) {
$relaystate = stripslashes($relaystate);
}
$query .= "&RelayState=" . urlencode($relaystate); $query .= "&RelayState=" . urlencode($relaystate);
} }
...@@ -200,10 +196,6 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect { ...@@ -200,10 +196,6 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
throw new Exception('SAMLRequest parameter not set in paramter (on SAML 2.0 HTTP Redirect binding endpoint)'); throw new Exception('SAMLRequest parameter not set in paramter (on SAML 2.0 HTTP Redirect binding endpoint)');
} }
$rawRequest = $get["SAMLRequest"]; $rawRequest = $get["SAMLRequest"];
/* We don't need to remove any magic quotes from the
* SAMLRequest parameter since this parameter is guaranteed
* to be base64-encoded.
*/
/* Check if the service provider has included a RelayState /* Check if the service provider has included a RelayState
* parameter with the request. This parameter should be * parameter with the request. This parameter should be
...@@ -211,10 +203,6 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect { ...@@ -211,10 +203,6 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
*/ */
if(array_key_exists('RelayState', $get)) { if(array_key_exists('RelayState', $get)) {
$relaystate = $get['RelayState']; $relaystate = $get['RelayState'];
/* Remove any magic quotes that php may have added. */
if(get_magic_quotes_gpc()) {
$relaystate = stripslashes($relaystate);
}
} else { } else {
$relaystate = NULL; $relaystate = NULL;
} }
...@@ -240,18 +228,10 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect { ...@@ -240,18 +228,10 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
throw new Exception('SAMLRequest parameter not set in paramter (on SAML 2.0 HTTP Redirect binding endpoint)'); throw new Exception('SAMLRequest parameter not set in paramter (on SAML 2.0 HTTP Redirect binding endpoint)');
} }
$rawRequest = $get["SAMLRequest"]; $rawRequest = $get["SAMLRequest"];
/* We don't need to remove any magic quotes from the
* SAMLRequest parameter since this parameter is guaranteed
* to be base64-encoded.
*/
/* Check if a RelayState was provided with the request. */ /* Check if a RelayState was provided with the request. */
if(array_key_exists('RelayState', $get)) { if(array_key_exists('RelayState', $get)) {
$relaystate = $get['RelayState']; $relaystate = $get['RelayState'];
/* Remove any magic quotes that php may have added. */
if(get_magic_quotes_gpc()) {
$relaystate = stripslashes($relaystate);
}
} else { } else {
$relaystate = NULL; $relaystate = NULL;
} }
...@@ -276,18 +256,10 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect { ...@@ -276,18 +256,10 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
throw new Exception('SAMLResponse parameter not set in paramter (on SAML 2.0 HTTP Redirect binding endpoint)'); throw new Exception('SAMLResponse parameter not set in paramter (on SAML 2.0 HTTP Redirect binding endpoint)');
} }
$rawRequest = $get["SAMLResponse"]; $rawRequest = $get["SAMLResponse"];
/* We don't need to remove any magic quotes from the
* SAMLResponse parameter since this parameter is guaranteed
* to be base64-encoded.
*/
/* Check if a RelayState was provided with the request. */ /* Check if a RelayState was provided with the request. */
if(array_key_exists('RelayState', $get)) { if(array_key_exists('RelayState', $get)) {
$relaystate = $get['RelayState']; $relaystate = $get['RelayState'];
/* Remove any magic quotes that php may have added. */
if(get_magic_quotes_gpc()) {
$relaystate = stripslashes($relaystate);
}
} else { } else {
$relaystate = NULL; $relaystate = NULL;
} }
......
www/auth/login.php
+ 0
10
View file @ d9b739c4
...@@ -35,10 +35,6 @@ if (!array_key_exists('RelayState', $_REQUEST)) { ...@@ -35,10 +35,6 @@ if (!array_key_exists('RelayState', $_REQUEST)) {
} }
$relaystate = $_REQUEST['RelayState']; $relaystate = $_REQUEST['RelayState'];
/* Remove backslashes if magic quotes are enabled. */
if(get_magic_quotes_gpc()) {
$relaystate = stripslashes($relaystate);
}
if (isset($_POST['username'])) { if (isset($_POST['username'])) {
...@@ -57,12 +53,6 @@ if (isset($_POST['username'])) { ...@@ -57,12 +53,6 @@ if (isset($_POST['username'])) {
$username = $_POST['username']; $username = $_POST['username'];
$password = $_POST['password']; $password = $_POST['password'];
/* Remove backslashes if magic quotes are enabled. */
if(get_magic_quotes_gpc()) {
$username = stripslashes($username);
$password = stripslashes($password);
}
/* Escape any characters with a special meaning in LDAP. The following /* Escape any characters with a special meaning in LDAP. The following
* characters have a special meaning (according to RFC 2253): * characters have a special meaning (according to RFC 2253):
* ',', '+', '"', '\', '<', '>', ';', '*' * ',', '+', '"', '\', '<', '>', ';', '*'
......
www/saml2/idp/SSOService.php
+ 0
4
View file @ d9b739c4
...@@ -68,10 +68,6 @@ if (isset($_GET['SAMLRequest'])) { ...@@ -68,10 +68,6 @@ if (isset($_GET['SAMLRequest'])) {
try { try {
$requestid = $_GET['RequestID']; $requestid = $_GET['RequestID'];
/* Remove any "magic" quotes that php may have added. */
if(get_magic_quotes_gpc()) {
$requestid = stripslashes($requestid);
}
$session = SimpleSAML_Session::getInstance(); $session = SimpleSAML_Session::getInstance();
$authnrequest = $session->getAuthnRequest($requestid); $authnrequest = $session->getAuthnRequest($requestid);
......
www/saml2/idp/SingleLogoutService.php
+ 0
8
View file @ d9b739c4
...@@ -151,10 +151,6 @@ if ($spentityid) { ...@@ -151,10 +151,6 @@ if ($spentityid) {
$relayState = SimpleSAML_Utilities::selfURL(); $relayState = SimpleSAML_Utilities::selfURL();
if (isset($_GET['RelayState'])) { if (isset($_GET['RelayState'])) {
$relayState = $_GET['RelayState']; $relayState = $_GET['RelayState'];
/* Remove any magic quotes that php may have added. */
if(get_magic_quotes_gpc()) {
$relayState = stripslashes($relayState);
}
} }
//$request, $remoteentityid, $relayState = null, $endpoint = 'SingleLogoutService', $direction = 'SAMLRequest', $mode = 'SP' //$request, $remoteentityid, $relayState = null, $endpoint = 'SingleLogoutService', $direction = 'SAMLRequest', $mode = 'SP'
...@@ -202,10 +198,6 @@ try { ...@@ -202,10 +198,6 @@ try {
$relayState = SimpleSAML_Utilities::selfURL(); $relayState = SimpleSAML_Utilities::selfURL();
if (isset($_GET['RelayState'])) { if (isset($_GET['RelayState'])) {
$relayState = $_GET['RelayState']; $relayState = $_GET['RelayState'];
/* Remove any magic quotes that php may have added. */
if(get_magic_quotes_gpc()) {
$relayState = stripslashes($relayState);
}
} }
//$request, $remoteentityid, $relayState = null, $endpoint = 'SingleLogoutService', $direction = 'SAMLRequest', $mode = 'SP' //$request, $remoteentityid, $relayState = null, $endpoint = 'SingleLogoutService', $direction = 'SAMLRequest', $mode = 'SP'
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment