fixed bug introduced by removal of evals; removed evals on home page

Joel Wan · Joel Wan · commit 01ccfbbb027d · 2013-01-24T23:40:59.000-08:00
diff --git a/index.php b/index.php
@@ -24,8 +24,11 @@
 }
 if ($misc->GetVariable('attributeList') != null)
 {
-	if (isset($_GET['attributeList']))
-		$attributeList = stripcslashes(urldecode($_GET['attributeList']));
+	if (isset($_GET['attributeList']))  {
+		$attArray = stripcslashes(urldecode($_GET['attributeList']));
+		$attArray = trim(preg_replace('#^array\s*\(|\d\s\=\>\s*\'|\'\,\s*\)$#', '', $attArray));
+		$attributeList = preg_split('#\'\s*,\s*#', $attArray);
+	}
 	else
 		@$attributeList=unserialize($_SESSION['attributeList']);
 }
@@ -41,7 +44,9 @@
 		{
 			$typeList = urldecode($_GET['typeList']);
 		}
-		$typeList = trim($typeList);
+		$typeArray = trim($typeList);
+		$typeArray = trim(preg_replace('#^array\s*\(|\d\s\=\>\s*\'|\'\,\s*\)$#', '', $typeArray));
+		$typeList = preg_split('#\'\s*,\s*#', $typeArray);
 		for($i=0; $i<sizeof($typeList); $i++)
 		{
 			$typeList[$i] = stripcslashes($typeList[$i]);
@@ -59,9 +64,15 @@
 if ($misc->GetVariable('classList') != null)
 {
 	if (isset($_GET['classList']))
-		$classList = stripcslashes(urldecode($_GET['classList']));
+	{
+		$classArray = stripcslashes(urldecode($_GET['classList']));
+		$classArray = trim(preg_replace('#^array\s*\(|\d\s\=\>\s*\'|\'\,\s*\)$#', '', $classArray));
+		$classList = preg_split('#\'\s*,\s*#', $classArray);
+	}
 	else
+	{
 		@$classList=unserialize($_SESSION['classList']);
+	}
 }
 
 $pdoDriver = ($misc->GetVariable('pdoDriver')!=null?$misc->GetVariable('pdoDriver'):'mysql');
diff --git a/local_46888.xml b/local_46888.xml
@@ -1,31 +1,10 @@
 <?xml version="1.0" ?>
 <Links>
-	<Link>
-		<LinkID>OI87827</LinkID>
-		<URL>http://www.forumla.de/archive/index.php/f-30.html</URL>
-		<Text>PS3 Community - Forumla.de</Text>
-		<BeforeText> </BeforeText>
-		<AfterText> </AfterText>
-	</Link>
-	<Link>
-		<LinkID>OI319561</LinkID>
-		<URL>http://www.superwarehouse.com/Sony_Laptops/b/250/c/14</URL>
-		<Text>Sony Laptops</Text>
-		<BeforeText> </BeforeText>
-		<AfterText> </AfterText>
-	</Link>
 	<Link>
 		<LinkID>OI469063</LinkID>
 		<URL>http://www.canadianwebhosting.com/domain_hosting.asp</URL>
 		<Text>domain hosting</Text>
 		<BeforeText> </BeforeText>
 		<AfterText> </AfterText>
 	</Link>
-	<Link>
-		<LinkID>OI576934</LinkID>
-		<URL>http://www.facebook.com/FisherInvestmentsMarketMinder</URL>
-		<Text>Market Minder on Facebook</Text>
-		<BeforeText> </BeforeText>
-		<AfterText> </AfterText>
-	</Link>
 </Links>
diff --git a/regenerate.php b/regenerate.php
@@ -57,7 +57,7 @@
 		}
 		else
 		{
-			$_SESSION[$arguments[0]] = $value;
+			eval ("\$_SESSION['".$arguments[0]."'] = '".$value."';");
 		}
 	}
 	if (!isset($pdoDrive))
diff --git a/services/soap_php5.php b/services/soap_php5.php
@@ -289,7 +289,7 @@ function GeneratePackageFromLink($link)
 			}
 			else
 			{
-				$$arguments[0] = $value;
+				eval ("$".$arguments[0]." = '".$value."';");
 			}
 			if (!isset($pdoDrive))
 			{

Original file line number	Diff line number	Diff line change
`@@ -24,8 +24,11 @@`
`24`	`24`	`}`
`25`	`25`	`if ($misc->GetVariable('attributeList') != null)`
`26`	`26`	`{`
`27`		`- if (isset($_GET['attributeList']))`
`28`		`- $attributeList = stripcslashes(urldecode($_GET['attributeList']));`
	`27`	`+ if (isset($_GET['attributeList'])) {`
	`28`	`+ $attArray = stripcslashes(urldecode($_GET['attributeList']));`
	`29`	`+ $attArray = trim(preg_replace('#^array\s\(\|\d\s\=\>\s\'\|\'\,\s*\)$#', '', $attArray));`
	`30`	`+ $attributeList = preg_split('#\'\s,\s#', $attArray);`
	`31`	`+ }`
`29`	`32`	`else`
`30`	`33`	`@$attributeList=unserialize($_SESSION['attributeList']);`
`31`	`34`	`}`
`@@ -41,7 +44,9 @@`
`41`	`44`	`{`
`42`	`45`	`$typeList = urldecode($_GET['typeList']);`
`43`	`46`	`}`
`44`		`- $typeList = trim($typeList);`
	`47`	`+ $typeArray = trim($typeList);`
	`48`	`+ $typeArray = trim(preg_replace('#^array\s\(\|\d\s\=\>\s\'\|\'\,\s*\)$#', '', $typeArray));`
	`49`	`+ $typeList = preg_split('#\'\s,\s#', $typeArray);`
`45`	`50`	`for($i=0; $i<sizeof($typeList); $i++)`
`46`	`51`	`{`
`47`	`52`	`$typeList[$i] = stripcslashes($typeList[$i]);`
`@@ -59,9 +64,15 @@`
`59`	`64`	`if ($misc->GetVariable('classList') != null)`
`60`	`65`	`{`
`61`	`66`	`if (isset($_GET['classList']))`
`62`		`- $classList = stripcslashes(urldecode($_GET['classList']));`
	`67`	`+ {`
	`68`	`+ $classArray = stripcslashes(urldecode($_GET['classList']));`
	`69`	`+ $classArray = trim(preg_replace('#^array\s\(\|\d\s\=\>\s\'\|\'\,\s*\)$#', '', $classArray));`
	`70`	`+ $classList = preg_split('#\'\s,\s#', $classArray);`
	`71`	`+ }`
`63`	`72`	`else`
	`73`	`+ {`
`64`	`74`	`@$classList=unserialize($_SESSION['classList']);`
	`75`	`+ }`
`65`	`76`	`}`
`66`	`77`
`67`	`78`	`$pdoDriver = ($misc->GetVariable('pdoDriver')!=null?$misc->GetVariable('pdoDriver'):'mysql');`
Original file line number	Diff line number	Diff line change
`@@ -57,7 +57,7 @@`
`57`	`57`	`}`
`58`	`58`	`else`
`59`	`59`	`{`
`60`		`- $_SESSION[$arguments[0]] = $value;`
	`60`	`+ eval ("\$_SESSION['".$arguments[0]."'] = '".$value."';");`
`61`	`61`	`}`
`62`	`62`	`}`
`63`	`63`	`if (!isset($pdoDrive))`
Original file line number	Diff line number	Diff line change
`@@ -289,7 +289,7 @@ function GeneratePackageFromLink($link)`
`289`	`289`	`}`
`290`	`290`	`else`
`291`	`291`	`{`
`292`		`- $$arguments[0] = $value;`
	`292`	`+ eval ("$".$arguments[0]." = '".$value."';");`
`293`	`293`	`}`
`294`	`294`	`if (!isset($pdoDrive))`
`295`	`295`	`{`