Merged from MOODLE_14_STABLE -- pending merges of shorttag fixes and SC#10

diff --git a/lib/ipatlas/ip-atlas_prefs.php b/lib/ipatlas/ip-atlas_prefs.php
index 139f5cbce69428e3ab4f25b2c36a8f0199de1c17..8c752ae0aa725175705d315f1047512fbd9a56d7 100644 (file)
--- a/lib/ipatlas/ip-atlas_prefs.php
+++ b/lib/ipatlas/ip-atlas_prefs.php
@@ -3,10 +3,14 @@
 include("plotconf.inc"); 
 include("plot.inc"); 
 
-if($warnings == "1") {
-error_reporting(E_ALL);
+if($CFG->debug > 1) {
+    error_reporting(E_ALL);
 } else {
-error_reporting(E_ERROR);
+    error_reporting(E_ERROR);
+}
+
+if (isset($HTTP_GET_VARS["lastquery"])){
+    $HTTP_GET_VARS["lastquery"] = clean_param($HTTP_GET_VARS["lastquery"], PARAM_HOST);
 }
 
 ?>
@@ -19,17 +23,33 @@ error_reporting(E_ERROR);
  }
 
 if(isset($HTTP_POST_VARS["button"])) {
+
+// cleanup post data
+$HTTP_POST_VARS["shape"]      = clean_param($HTTP_POST_VARS["shape"], PARAM_ALPHA);
+$HTTP_POST_VARS["color"]      = clean_param($HTTP_POST_VARS["color"], PARAM_ALPHA);
+$HTTP_POST_VARS["color"]      = clean_param($HTTP_POST_VARS["size"],  PARAM_INT);
+$HTTP_POST_VARS["earthimage"] = clean_param($HTTP_POST_VARS["earthimage"], PARAM_FILE);
+$HTTP_POST_VARS["cssdot"]      = clean_param($HTTP_POST_VARS["cssdot"], PARAM_FILE);
+$HTTP_POST_VARS["seldrawmode"] = clean_param($HTTP_POST_VARS["seldrawmode"],PARAM_ALPHA);
+// unset the earth image if we don't have it in our list
+ if (!in_array($HTTP_POST_VARS["earthimage"],$earthimages)) {
+     unset($HTTP_POST_VARS["earthimage"]);
+ }
+
+
 // save data from the POST
 setcookie ("atlasprefs", "", time() - 36000000);
 setcookie ("atlasprefs", "$HTTP_POST_VARS[shape]:$HTTP_POST_VARS[color]:$HTTP_POST_VARS[size]:$HTTP_POST_VARS[earthimage]:$HTTP_POST_VARS[cssdot]:$HTTP_POST_VARS[seldrawmode]", time() + 36000000, $cookiepath);
 
-$setshape = $HTTP_POST_VARS["shape"];
-$setcolor = $HTTP_POST_VARS["color"];
-$setsize = $HTTP_POST_VARS["size"];
+$setshape      = $HTTP_POST_VARS["shape"];
+$setcolor      = $HTTP_POST_VARS["color"];
+$setsize       = $HTTP_POST_VARS["size"];
 $setearthimage = $HTTP_POST_VARS["earthimage"];
-$setcssdot = $HTTP_POST_VARS["cssdot"];
+$setcssdot     = $HTTP_POST_VARS["cssdot"];
 $setseldrawmode = $HTTP_POST_VARS["seldrawmode"];
 
+
+
  if($setseldrawmode == "1") {
    $drawmode = "GD";
  } else {

diff --git a/lib/ipatlas/languages/messages.blank.inc b/lib/ipatlas/languages/messages.blank.inc
index 90032c390efc78d017ac92bc4c932b22dbe7f034..11a5f78b5503b5622aa1552f416da260c93ea801 100644 (file)
--- a/lib/ipatlas/languages/messages.blank.inc
+++ b/lib/ipatlas/languages/messages.blank.inc
@@ -1,4 +1,4 @@
-<?
+<?php
 
 /*
 

diff --git a/lib/ipatlas/languages/messages.it.inc b/lib/ipatlas/languages/messages.it.inc
index a9fd46930df3e3f19f6e0dfe1835fc0b89ce26e1..b460ffddb0566646c4827e9e8d1fc3b16887409d 100644 (file)
--- a/lib/ipatlas/languages/messages.it.inc
+++ b/lib/ipatlas/languages/messages.it.inc
@@ -1,4 +1,4 @@
-<?
+<?php
 
 /*
 

diff --git a/lib/ipatlas/plot.inc b/lib/ipatlas/plot.inc
index 5f5aabfbadffa14cb04c6c44c2923b98f62805d5..32aaac9d46081eb9da129bb1266a2acf34de6bda 100644 (file)
--- a/lib/ipatlas/plot.inc
+++ b/lib/ipatlas/plot.inc
@@ -1,8 +1,9 @@
-<?
+<?php
 
 $version = "1.0";
 
 // check for bad agents immidietly
+$blockbadagents=1;
 if($blockbadagents == 1) {
   // those metaquery assholes at t-dialin and others can't
   // get another dumber using the default user-agent, can they?

diff --git a/lib/ipatlas/plotconf.inc b/lib/ipatlas/plotconf.inc
index e545dc8fb7487c15767c2bca3319e6a0fc7f0633..c627e9709b2a24f1fc34d3db514918f28ac5458b 100644 (file)
--- a/lib/ipatlas/plotconf.inc
+++ b/lib/ipatlas/plotconf.inc
@@ -1,4 +1,4 @@
-<?
+<?php
 
 require("../../config.php");
 

diff --git a/lib/ipatlas/translate.inc b/lib/ipatlas/translate.inc
index 819974cfe5d48b17e2def829dd1cfb14dbba7934..7b9197190fe316fabb13cf5c22e071fccf19badc 100644 (file)
--- a/lib/ipatlas/translate.inc
+++ b/lib/ipatlas/translate.inc
@@ -1,4 +1,4 @@
-<?
+<?php
 
 function t($phrase) {
   global $language;