onokazu
onoka****@users*****
2005年 7月 29日 (金) 15:22:22 JST
Index: xoops2jp/html/modules/mydownloads/visit.php
diff -u xoops2jp/html/modules/mydownloads/visit.php:1.2 xoops2jp/html/modules/mydownloads/visit.php:1.2.10.1
--- xoops2jp/html/modules/mydownloads/visit.php:1.2 Fri Mar 18 21:52:14 2005
+++ xoops2jp/html/modules/mydownloads/visit.php Fri Jul 29 15:22:22 2005
@@ -1,5 +1,5 @@
 <?php
-// $Id: visit.php,v 1.2 2005/03/18 12:52:14 onokazu Exp $
+// $Id: visit.php,v 1.2.10.1 2005/07/29 06:22:22 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -26,31 +26,39 @@
 // ------------------------------------------------------------------------ //
 include "../../mainfile.php";
-$myts =& MyTextSanitizer::getInstance(); // MyTextSanitizer object
-$lid = intval($HTTP_GET_VARS['lid']);
-$cid = intval($HTTP_GET_VARS['cid']);
+$lid = intval($_GET['lid']);
+if (empty($lid)) {
+ header('Location: '.XOOPS_URL.'/');
+ exit();
+}
+$cid = intval($_GET['cid']);
 if ( $xoopsModuleConfig['check_host'] ) {
- $goodhost = 0;
- $referer = parse_url(xoops_getenv('HTTP_REFERER'));
- $referer_host = $referer['host'];
- foreach ( $xoopsModuleConfig['referers'] as $ref ) {
- if ( !empty($ref) && preg_match("/".$ref."/i", $referer_host) ) {
- $goodhost = "1";
- break;
- }
- }
- if (!$goodhost) {
- redirect_header(XOOPS_URL . "/modules/mydownloads/singlefile.php?cid=$cid&lid=$lid", 20, _MD_NOPERMISETOLINK);
- exit();
- }
+ $goodhost = 0;
+ $referer = parse_url(xoops_getenv('HTTP_REFERER'));
+ $referer_host = $referer['host'];
+ foreach ( $xoopsModuleConfig['referers'] as $ref ) {
+ if ( !empty($ref) && preg_match("/".$ref."/i", $referer_host) ) {
+ $goodhost = "1";
+ break;
+ }
+ }
+ if (!$goodhost) {
+ redirect_header(XOOPS_URL . "/modules/mydownloads/singlefile.php?cid=$cid&lid=$lid", 20, _MD_NOPERMISETOLINK);
+ exit();
+ }
 }
 $sql = sprintf("UPDATE %s SET hits = hits+1 WHERE lid = %u AND status > 0", $xoopsDB->prefix("mydownloads_downloads"), $lid);
 $xoopsDB->queryF($sql);
 $result = $xoopsDB->query("SELECT url FROM ".$xoopsDB->prefix("mydownloads_downloads")." 
WHERE lid=$lid AND status>0");
 list($url) = $xoopsDB->fetchRow($result);
+if (empty($url)) {
+ header('Location: '.XOOPS_URL.'/');
+ exit();
+}
+$url = htmlspecialchars(preg_replace( '/javascript:/si' , 'java script:', $url ), ENT_QUOTES);
 if (!preg_match("/^ed2k*:\/\//i", $url)) {
- Header("Location: $url");
+ Header("Location: $url");
 }
-echo "<html><head><meta http-equiv=\"Refresh\" content=\"0; URL=".$myts->oopsHtmlSpecialChars($url)."\"></meta></head><body></body></html>";
+echo "<html><head><meta http-equiv=\"Refresh\" content=\"0; URL=".$url."\"></meta></head><body></body></html>";
 exit();
 ?>
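Review bot: The added `$url = htmlspecialchars(preg_replace(...), ENT_QUOTES);` line HTML-escapes the stored URL once and then reuses that value in `Header("Location: $url")`, so any `&` in a download URL is sent as `&amp;` in the redirect, and the header gets no validation suited to its own context. Escaping belongs at the point of output: keep the raw value for the header and apply `htmlspecialchars($url, ENT_QUOTES)` only inside the `echo` that builds the meta refresh. Rewriting the single string `javascript:` is a denylist, so any other scheme a submitter stores still passes. A tighter check, placed before either output, is an allow-list of the schemes the module is meant to serve, for example `if (!preg_match('#^(https?|ftp|ed2k)://#i', $url) || preg_match('/[\r\n]/', $url)) { header('Location: '.XOOPS_URL.'/'); exit(); }`; the exact scheme list should be confirmed against what mydownloads accepts on submission.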