spip /
SPIP
@@ -14,8 +14,9 @@ discard block |
||
| 14 | 14 | /* |
| 15 | 15 | * Test utilisateur |
| 16 | 16 | */ |
| 17 | -if (isset($_GET['test_ecran_securite'])) |
|
| 17 | +if (isset($_GET['test_ecran_securite'])) { |
|
| 18 | 18 | $ecran_securite_raison = 'test '._ECRAN_SECURITE; |
| 19 | +} |
|
| 19 | 20 | |
| 20 | 21 | /* |
| 21 | 22 | * Monitoring |
@@ -60,18 +61,21 @@ discard block |
||
| 60 | 61 | * (sauf pour id_table, qui n'est pas numérique jusqu'à [5743]) |
| 61 | 62 | * (id_base est une variable de la config des widgets de WordPress) |
| 62 | 63 | */ |
| 63 | -foreach ($_GET as $var => $val) |
|
| 64 | +foreach ($_GET as $var => $val) { |
|
| 64 | 65 | if ($_GET[$var] and strncmp($var, "id_", 3) == 0 |
| 65 | 66 | and !in_array($var, array('id_table', 'id_base'))) |
| 66 | 67 | $_GET[$var] = is_array($_GET[$var])?@array_map('intval', $_GET[$var]):intval($_GET[$var]); |
| 67 | -foreach ($_POST as $var => $val) |
|
| 68 | +} |
|
| 69 | +foreach ($_POST as $var => $val) { |
|
| 68 | 70 | if ($_POST[$var] and strncmp($var, "id_", 3) == 0 |
| 69 | 71 | and !in_array($var, array('id_table', 'id_base'))) |
| 70 | 72 | $_POST[$var] = is_array($_POST[$var])?@array_map('intval', $_POST[$var]):intval($_POST[$var]); |
| 71 | -foreach ($GLOBALS as $var => $val) |
|
| 73 | +} |
|
| 74 | +foreach ($GLOBALS as $var => $val) { |
|
| 72 | 75 | if ($GLOBALS[$var] and strncmp($var, "id_", 3) == 0 |
| 73 | 76 | and !in_array($var, array('id_table', 'id_base'))) |
| 74 | 77 | $GLOBALS[$var] = is_array($GLOBALS[$var])?@array_map('intval', $GLOBALS[$var]):intval($GLOBALS[$var]); |
| 78 | +} |
|
| 75 | 79 | |
| 76 | 80 | /* |
| 77 | 81 | * Interdit la variable $cjpeg_command, qui était utilisée sans |
@@ -83,11 +87,13 @@ discard block |
||
| 83 | 87 | * Contrôle de quelques variables (XSS) |
| 84 | 88 | */ |
| 85 | 89 | foreach(array('lang', 'var_recherche', 'aide', 'var_lang_r', 'lang_r', 'var_ajax_ancre', 'nom_fichier') as $var) { |
| 86 | - if (isset($_GET[$var])) |
|
| 87 | - $_REQUEST[$var] = $GLOBALS[$var] = $_GET[$var] = preg_replace(',[^\w\,/#&;-]+,', ' ', (string)$_GET[$var]); |
|
| 88 | - if (isset($_POST[$var])) |
|
| 89 | - $_REQUEST[$var] = $GLOBALS[$var] = $_POST[$var] = preg_replace(',[^\w\,/#&;-]+,', ' ', (string)$_POST[$var]); |
|
| 90 | -} |
|
| 90 | + if (isset($_GET[$var])) { |
|
| 91 | + $_REQUEST[$var] = $GLOBALS[$var] = $_GET[$var] = preg_replace(',[^\w\,/#&;-]+,', ' ', (string)$_GET[$var]); |
|
| 92 | + } |
|
| 93 | + if (isset($_POST[$var])) { |
|
| 94 | + $_REQUEST[$var] = $GLOBALS[$var] = $_POST[$var] = preg_replace(',[^\w\,/#&;-]+,', ' ', (string)$_POST[$var]); |
|
| 95 | + } |
|
| 96 | + } |
|
| 91 | 97 | |
| 92 | 98 | /* |
| 93 | 99 | * Filtre l'accès à spip_acces_doc (injection SQL en 1.8.2x) |
@@ -101,41 +107,49 @@ discard block |
||
| 101 | 107 | */ |
| 102 | 108 | if (isset($_REQUEST['mode']) and isset($_REQUEST['page']) |
| 103 | 109 | and !in_array($_REQUEST['mode'], array("6forum", "1comite")) |
| 104 | -and $_REQUEST['page'] == "identifiants") |
|
| 110 | +and $_REQUEST['page'] == "identifiants") { |
|
| 105 | 111 | $ecran_securite_raison = "identifiants"; |
| 112 | +} |
|
| 106 | 113 | |
| 107 | 114 | /* |
| 108 | 115 | * Agenda joue à l'injection php |
| 109 | 116 | */ |
| 110 | 117 | if (isset($_REQUEST['partie_cal']) |
| 111 | -and $_REQUEST['partie_cal'] !== htmlentities((string)$_REQUEST['partie_cal'])) |
|
| 118 | +and $_REQUEST['partie_cal'] !== htmlentities((string)$_REQUEST['partie_cal'])) { |
|
| 112 | 119 | $ecran_securite_raison = "partie_cal"; |
| 120 | +} |
|
| 113 | 121 | if (isset($_REQUEST['echelle']) |
| 114 | -and $_REQUEST['echelle'] !== htmlentities((string)$_REQUEST['echelle'])) |
|
| 122 | +and $_REQUEST['echelle'] !== htmlentities((string)$_REQUEST['echelle'])) { |
|
| 115 | 123 | $ecran_securite_raison = "echelle"; |
| 124 | +} |
|
| 116 | 125 | |
| 117 | 126 | /* |
| 118 | 127 | * Espace privé |
| 119 | 128 | */ |
| 120 | 129 | if (isset($_REQUEST['exec']) |
| 121 | -and !preg_match(',^[\w-]+$,', (string)$_REQUEST['exec'])) |
|
| 130 | +and !preg_match(',^[\w-]+$,', (string)$_REQUEST['exec'])) { |
|
| 122 | 131 | $ecran_securite_raison = "exec"; |
| 132 | +} |
|
| 123 | 133 | if (isset($_REQUEST['cherche_auteur']) |
| 124 | -and preg_match(',[<],', (string)$_REQUEST['cherche_auteur'])) |
|
| 134 | +and preg_match(',[<],', (string)$_REQUEST['cherche_auteur'])) { |
|
| 125 | 135 | $ecran_securite_raison = "cherche_auteur"; |
| 136 | +} |
|
| 126 | 137 | if (isset($_REQUEST['exec']) |
| 127 | 138 | and $_REQUEST['exec'] == 'auteurs' |
| 128 | -and preg_match(',[<],', (string)$_REQUEST['recherche'])) |
|
| 139 | +and preg_match(',[<],', (string)$_REQUEST['recherche'])) { |
|
| 129 | 140 | $ecran_securite_raison = "recherche"; |
| 141 | +} |
|
| 130 | 142 | if (isset($_REQUEST['exec']) |
| 131 | 143 | and $_REQUEST['exec'] == 'info_plugin' |
| 132 | -and preg_match(',[<],', (string)$_REQUEST['plugin'])) |
|
| 144 | +and preg_match(',[<],', (string)$_REQUEST['plugin'])) { |
|
| 133 | 145 | $ecran_securite_raison = "plugin"; |
| 146 | +} |
|
| 134 | 147 | if (isset($_REQUEST['exec']) |
| 135 | 148 | and $_REQUEST['exec'] == 'puce_statut' |
| 136 | 149 | and isset($_REQUEST['id']) |
| 137 | -and !intval($_REQUEST['id'])) |
|
| 150 | +and !intval($_REQUEST['id'])) { |
|
| 138 | 151 | $ecran_securite_raison = "puce_statut"; |
| 152 | +} |
|
| 139 | 153 | if (isset($_REQUEST['action']) |
| 140 | 154 | and $_REQUEST['action'] == 'configurer') { |
| 141 | 155 | if (@file_exists('inc_version.php') |
@@ -160,21 +174,24 @@ discard block |
||
| 160 | 174 | @get_magic_quotes_gpc() ? |
| 161 | 175 | stripslashes(serialize($_REQUEST)) : serialize($_REQUEST), |
| 162 | 176 | chr(0) |
| 163 | -) !== false) |
|
| 177 | +) !== false) { |
|
| 164 | 178 | $ecran_securite_raison = "%00"; |
| 179 | +} |
|
| 165 | 180 | |
| 166 | 181 | /* |
| 167 | 182 | * Bloque les requêtes fond=formulaire_ |
| 168 | 183 | */ |
| 169 | 184 | if (isset($_REQUEST['fond']) |
| 170 | -and preg_match(',^formulaire_,i', $_REQUEST['fond'])) |
|
| 185 | +and preg_match(',^formulaire_,i', $_REQUEST['fond'])) { |
|
| 171 | 186 | $ecran_securite_raison = "fond=formulaire_"; |
| 187 | +} |
|
| 172 | 188 | |
| 173 | 189 | /* |
| 174 | 190 | * Bloque les requêtes du type ?GLOBALS[type_urls]=toto (bug vieux php) |
| 175 | 191 | */ |
| 176 | -if (isset($_REQUEST['GLOBALS'])) |
|
| 192 | +if (isset($_REQUEST['GLOBALS'])) { |
|
| 177 | 193 | $ecran_securite_raison = "GLOBALS[GLOBALS]"; |
| 194 | +} |
|
| 178 | 195 | |
| 179 | 196 | /* |
| 180 | 197 | * Bloque les requêtes des bots sur: |
@@ -185,29 +202,34 @@ discard block |
||
| 185 | 202 | (isset($_REQUEST['echelle']) and isset($_REQUEST['partie_cal']) and isset($_REQUEST['type'])) |
| 186 | 203 | or (strpos((string)$_SERVER['REQUEST_URI'], 'debut_') and preg_match(',[?&]debut_.*&debut_,', (string)$_SERVER['REQUEST_URI'])) |
| 187 | 204 | ) |
| 188 | -) |
|
| 205 | +) { |
|
| 189 | 206 | $ecran_securite_raison = "robot agenda/double pagination"; |
| 207 | +} |
|
| 190 | 208 | |
| 191 | 209 | /* |
| 192 | 210 | * Bloque une vieille page de tests de CFG (<1.11) |
| 193 | 211 | * Bloque un XSS sur une page inexistante |
| 194 | 212 | */ |
| 195 | 213 | if (isset($_REQUEST['page'])) { |
| 196 | - if ($_REQUEST['page'] == 'test_cfg') |
|
| 197 | - $ecran_securite_raison = "test_cfg"; |
|
| 198 | - if ($_REQUEST['page'] !== htmlspecialchars((string)$_REQUEST['page'])) |
|
| 199 | - $ecran_securite_raison = "xsspage"; |
|
| 214 | + if ($_REQUEST['page'] == 'test_cfg') { |
|
| 215 | + $ecran_securite_raison = "test_cfg"; |
|
| 216 | + } |
|
| 217 | + if ($_REQUEST['page'] !== htmlspecialchars((string)$_REQUEST['page'])) { |
|
| 218 | + $ecran_securite_raison = "xsspage"; |
|
| 219 | + } |
|
| 200 | 220 | if ($_REQUEST['page'] == '404' |
| 201 | - and isset($_REQUEST['erreur'])) |
|
| 202 | - $ecran_securite_raison = "xss404"; |
|
| 203 | -} |
|
| 221 | + and isset($_REQUEST['erreur'])) { |
|
| 222 | + $ecran_securite_raison = "xss404"; |
|
| 223 | + } |
|
| 224 | + } |
|
| 204 | 225 | |
| 205 | 226 | /* |
| 206 | 227 | * XSS par array |
| 207 | 228 | */ |
| 208 | -foreach (array('var_login') as $var) |
|
| 209 | -if (isset($_REQUEST[$var]) and is_array($_REQUEST[$var])) |
|
| 229 | +foreach (array('var_login') as $var) { |
|
| 230 | + if (isset($_REQUEST[$var]) and is_array($_REQUEST[$var])) |
|
| 210 | 231 | $ecran_securite_raison = "xss ".$var; |
| 232 | +} |
|
| 211 | 233 | |
| 212 | 234 | /* |
| 213 | 235 | * Parade antivirale contre un cheval de troie |
@@ -217,18 +239,21 @@ discard block |
||
| 217 | 239 | function tmp_lkojfghx2($a = 0, $b = 0, $c = 0, $d = 0) { |
| 218 | 240 | // si jamais on est arrivé ici sur une erreur php |
| 219 | 241 | // et qu'un autre gestionnaire d'erreur est défini, l'appeller |
| 220 | - if ($b && $GLOBALS['tmp_xhgfjokl']) |
|
| 221 | - call_user_func($GLOBALS['tmp_xhgfjokl'], $a, $b, $c, $d); |
|
| 242 | + if ($b && $GLOBALS['tmp_xhgfjokl']) { |
|
| 243 | + call_user_func($GLOBALS['tmp_xhgfjokl'], $a, $b, $c, $d); |
|
| 244 | + } |
|
| 222 | 245 | } |
| 223 | 246 | } |
| 224 | -if (isset($_POST['tmp_lkojfghx3'])) |
|
| 247 | +if (isset($_POST['tmp_lkojfghx3'])) { |
|
| 225 | 248 | $ecran_securite_raison = "gumblar"; |
| 249 | +} |
|
| 226 | 250 | |
| 227 | 251 | /* |
| 228 | 252 | * Outils XML mal sécurisés < 2.0.9 |
| 229 | 253 | */ |
| 230 | -if (isset($_REQUEST['transformer_xml'])) |
|
| 254 | +if (isset($_REQUEST['transformer_xml'])) { |
|
| 231 | 255 | $ecran_securite_raison = "transformer_xml"; |
| 256 | +} |
|
| 232 | 257 | |
| 233 | 258 | /* |
| 234 | 259 | * Outils XML mal sécurisés again |
@@ -246,11 +271,13 @@ discard block |
||
| 246 | 271 | * Sauvegarde mal securisée < 2.0.9 |
| 247 | 272 | */ |
| 248 | 273 | if (isset($_REQUEST['nom_sauvegarde']) |
| 249 | -and strstr((string)$_REQUEST['nom_sauvegarde'], '/')) |
|
| 274 | +and strstr((string)$_REQUEST['nom_sauvegarde'], '/')) { |
|
| 250 | 275 | $ecran_securite_raison = 'nom_sauvegarde manipulee'; |
| 276 | +} |
|
| 251 | 277 | if (isset($_REQUEST['znom_sauvegarde']) |
| 252 | -and strstr((string)$_REQUEST['znom_sauvegarde'], '/')) |
|
| 278 | +and strstr((string)$_REQUEST['znom_sauvegarde'], '/')) { |
|
| 253 | 279 | $ecran_securite_raison = 'znom_sauvegarde manipulee'; |
| 280 | +} |
|
| 254 | 281 | |
| 255 | 282 | |
| 256 | 283 | /* |
@@ -258,8 +285,9 @@ discard block |
||
| 258 | 285 | * on vérifie 'page' pour ne pas bloquer ... drupal |
| 259 | 286 | */ |
| 260 | 287 | if (isset($_REQUEST['op']) and isset($_REQUEST['page']) |
| 261 | -and $_REQUEST['op'] !== preg_replace('/[^\-\w]/', '', $_REQUEST['op'])) |
|
| 288 | +and $_REQUEST['op'] !== preg_replace('/[^\-\w]/', '', $_REQUEST['op'])) { |
|
| 262 | 289 | $ecran_securite_raison = 'op'; |
| 290 | +} |
|
| 263 | 291 | |
| 264 | 292 | /* |
| 265 | 293 | * Forms & Table ne se méfiait pas assez des uploads de fichiers |
@@ -267,8 +295,9 @@ discard block |
||
| 267 | 295 | if (count($_FILES)){ |
| 268 | 296 | foreach($_FILES as $k => $v){ |
| 269 | 297 | if (preg_match(',^fichier_\d+$,', $k) |
| 270 | - and preg_match(',\.php,i', $v['name'])) |
|
| 271 | - unset($_FILES[$k]); |
|
| 298 | + and preg_match(',\.php,i', $v['name'])) { |
|
| 299 | + unset($_FILES[$k]); |
|
| 300 | + } |
|
| 272 | 301 | } |
| 273 | 302 | } |
| 274 | 303 | /* |
@@ -285,21 +314,24 @@ discard block |
||
| 285 | 314 | * reinstall=oui un peu trop permissif |
| 286 | 315 | */ |
| 287 | 316 | if (isset($_REQUEST['reinstall']) |
| 288 | -and $_REQUEST['reinstall'] == 'oui') |
|
| 317 | +and $_REQUEST['reinstall'] == 'oui') { |
|
| 289 | 318 | $ecran_securite_raison = 'reinstall=oui'; |
| 319 | +} |
|
| 290 | 320 | |
| 291 | 321 | /* |
| 292 | 322 | * Échappement xss referer |
| 293 | 323 | */ |
| 294 | -if (isset($_SERVER['HTTP_REFERER'])) |
|
| 324 | +if (isset($_SERVER['HTTP_REFERER'])) { |
|
| 295 | 325 | $_SERVER['HTTP_REFERER'] = strtr($_SERVER['HTTP_REFERER'], '<>"\'', '[]##'); |
| 326 | +} |
|
| 296 | 327 | |
| 297 | 328 | |
| 298 | 329 | /* |
| 299 | 330 | * Echappement HTTP_X_FORWARDED_HOST |
| 300 | 331 | */ |
| 301 | -if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) |
|
| 332 | +if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) { |
|
| 302 | 333 | $_SERVER['HTTP_X_FORWARDED_HOST'] = strtr($_SERVER['HTTP_X_FORWARDED_HOST'], "<>?\"\{\}\$'` \r\n", '____________'); |
| 334 | +} |
|
| 303 | 335 | |
| 304 | 336 | |
| 305 | 337 | /* |
@@ -307,9 +339,10 @@ discard block |
||
| 307 | 339 | */ |
| 308 | 340 | if (strpos($_SERVER['REQUEST_URI'], "ecrire/") !== false){ |
| 309 | 341 | $zzzz = implode("", array_keys($_REQUEST)); |
| 310 | - if (strlen($zzzz) != strcspn($zzzz, '<>"\'')) |
|
| 311 | - $ecran_securite_raison = 'Cle incorrecte en $_REQUEST'; |
|
| 312 | -} |
|
| 342 | + if (strlen($zzzz) != strcspn($zzzz, '<>"\'')) { |
|
| 343 | + $ecran_securite_raison = 'Cle incorrecte en $_REQUEST'; |
|
| 344 | + } |
|
| 345 | + } |
|
| 313 | 346 | |
| 314 | 347 | /* |
| 315 | 348 | * Injection par connect |
@@ -358,8 +391,9 @@ discard block |
||
| 358 | 391 | /* |
| 359 | 392 | * Bloque les bots quand le load déborde |
| 360 | 393 | */ |
| 361 | -if (!defined('_ECRAN_SECURITE_LOAD')) |
|
| 394 | +if (!defined('_ECRAN_SECURITE_LOAD')) { |
|
| 362 | 395 | define('_ECRAN_SECURITE_LOAD', 4); |
| 396 | +} |
|
| 363 | 397 | |
| 364 | 398 | if ( |
| 365 | 399 | defined('_ECRAN_SECURITE_LOAD') |
@@ -351,11 +351,15 @@ |
||
| 351 | 351 | $erreurs = array(); |
| 352 | 352 | $erreurs = auteur_reset_password($res['id_auteur'], $erreurs); |
| 353 | 353 | if (isset($erreurs['message_ok'])) { |
| 354 | - if (!isset($res['message_ok'])) $res['message_ok'] = ''; |
|
| 354 | + if (!isset($res['message_ok'])) { |
|
| 355 | + $res['message_ok'] = ''; |
|
| 356 | + } |
|
| 355 | 357 | $res['message_ok'] = trim($res['message_ok'] . ' ' . $erreurs['message_ok']); |
| 356 | 358 | } |
| 357 | 359 | if (isset($erreurs['message_erreur']) and $erreurs['message_erreur']) { |
| 358 | - if (!isset($res['message_erreur'])) $res['message_erreur'] = ''; |
|
| 360 | + if (!isset($res['message_erreur'])) { |
|
| 361 | + $res['message_erreur'] = ''; |
|
| 362 | + } |
|
| 359 | 363 | $res['message_erreur'] = trim($res['message_erreur'] . ' ' . $erreurs['message_erreur']); |
| 360 | 364 | } |
| 361 | 365 | } |
@@ -512,12 +512,14 @@ |
||
| 512 | 512 | ) |
| 513 | 513 | ); |
| 514 | 514 | |
| 515 | -if ($GLOBALS['meta']['version_installee'] > 1.950) // 1.950 lisait un bug dans auxiliaires.php corrige a present |
|
| 515 | +if ($GLOBALS['meta']['version_installee'] > 1.950) { |
|
| 516 | + // 1.950 lisait un bug dans auxiliaires.php corrige a present |
|
| 516 | 517 | { |
| 517 | 518 | $GLOBALS['maj'][1955] = array( |
| 518 | 519 | array('sql_alter', "TABLE spip_urls CHANGE `maj` date DATETIME DEFAULT '0000-00-00 00:00:00' NOT NULL") |
| 519 | 520 | ); |
| 520 | 521 | } |
| 522 | +} |
|
| 521 | 523 | |
| 522 | 524 | // la mise a jour vers 1.938 contient une erreur |
| 523 | 525 | // il faut supprimer l'autoincrement avant de supprimer la PRIMARY KEY |
@@ -71,10 +71,12 @@ |
||
| 71 | 71 | foreach ($GLOBALS[$com] as $table => $desc) { |
| 72 | 72 | if (!sql_select('*', $table, '', '', '', 1) |
| 73 | 73 | and !defined('spip_interdire_cache') |
| 74 | - ) # cas "LOST CONNECTION" |
|
| 74 | + ) { |
|
| 75 | + # cas "LOST CONNECTION" |
|
| 75 | 76 | { |
| 76 | 77 | $crash[] = $table; |
| 77 | 78 | } |
| 79 | + } |
|
| 78 | 80 | } |
| 79 | 81 | } |
| 80 | 82 | #$crash[] = 'test'; |
@@ -102,10 +102,12 @@ |
||
| 102 | 102 | |
| 103 | 103 | // si le plugin CFG est la, l'essayer |
| 104 | 104 | if (defined('_DIR_PLUGIN_CFG')) { |
| 105 | - if (include_spip('inc/cfg')) // test CFG version >= 1.0.5 |
|
| 105 | + if (include_spip('inc/cfg')) { |
|
| 106 | + // test CFG version >= 1.0.5 |
|
| 106 | 107 | { |
| 107 | 108 | if ($cfg = icone_lien_cfg("$dir$nom", "cfg")) { |
| 108 | 109 | return "<div class='cfg_link'>$cfg</div>"; |
| 110 | + } |
|
| 109 | 111 | } |
| 110 | 112 | } |
| 111 | 113 | } |
@@ -187,9 +187,11 @@ |
||
| 187 | 187 | // Sinon comparer l'age du fichier a sa duree de cache |
| 188 | 188 | $duree = intval($page['entetes']['X-Spip-Cache']); |
| 189 | 189 | $cache_mark = (isset($GLOBALS['meta']['cache_mark']) ? $GLOBALS['meta']['cache_mark'] : 0); |
| 190 | - if ($duree == 0) #CACHE{0} |
|
| 190 | + if ($duree == 0) { |
|
| 191 | + #CACHE{0} |
|
| 191 | 192 | { |
| 192 | 193 | return -1; |
| 194 | + } |
|
| 193 | 195 | } // sauf pour les bots, qui utilisent toujours le cache |
| 194 | 196 | else { |
| 195 | 197 | if ((!_IS_BOT and $date + $duree < $now) |
@@ -2884,8 +2884,7 @@ |
||
| 2884 | 2884 | $_const = interprete_argument_balise(1, $p); |
| 2885 | 2885 | if (!strlen($_const)) { |
| 2886 | 2886 | $p->code = "''"; |
| 2887 | - } |
|
| 2888 | - else { |
|
| 2887 | + } else { |
|
| 2889 | 2888 | $p->code = "(defined($_const)?constant($_const):'')"; |
| 2890 | 2889 | } |
| 2891 | 2890 | $p->interdire_scripts = false; |
@@ -65,12 +65,10 @@ |
||
| 65 | 65 | $code = trim(highlight_string($code,true)); |
| 66 | 66 | erreur_squelette("L".$erreur['line'].": ".$erreur['message']."<br />".$code,array($page['source'],'',$erreur['file'],'',$GLOBALS['spip_lang'])); |
| 67 | 67 | $page['texte'] = "<!-- Erreur -->"; |
| 68 | - } |
|
| 69 | - else { |
|
| 68 | + } else { |
|
| 70 | 69 | $page['texte'] = ob_get_contents(); |
| 71 | 70 | } |
| 72 | - } |
|
| 73 | - catch (Exception $e){ |
|
| 71 | + } catch (Exception $e){ |
|
| 74 | 72 | $code = $page['texte']; |
| 75 | 73 | $GLOBALS['numero_ligne_php'] = 1; |
| 76 | 74 | if (!function_exists('numerote_ligne_php')){ |
@@ -362,9 +362,11 @@ discard block |
||
| 362 | 362 | if (!preg_match('/^(.*)(<\?.*\?>)(.*)$/s', $v[0], $r)) { |
| 363 | 363 | $y = substr_count($v[0], "\n"); |
| 364 | 364 | } else { |
| 365 | - if ($v[1][0] == '#') // balise dynamique |
|
| 365 | + if ($v[1][0] == '#') { |
|
| 366 | + // balise dynamique |
|
| 366 | 367 | { |
| 367 | 368 | $incl = $GLOBALS['debug_objets']['resultat'][$v[2]]; |
| 369 | + } |
|
| 368 | 370 | } else // inclusion |
| 369 | 371 | { |
| 370 | 372 | $incl = $GLOBALS['debug_objets']['squelette'][trouve_squelette_inclus($v[0])]; |
@@ -397,12 +399,14 @@ discard block |
||
| 397 | 399 | preg_match('/include\(.(.*).php3?.\);/', $script, $reg); |
| 398 | 400 | // si le script X.php n'est pas ecrire/public.php |
| 399 | 401 | // on suppose qu'il prend le squelette X.html (pas sur, mais y a pas mieux) |
| 400 | - if ($reg[1] == 'ecrire/public') // si c'est bien ecrire/public on cherche le param 'fond' |
|
| 402 | + if ($reg[1] == 'ecrire/public') { |
|
| 403 | + // si c'est bien ecrire/public on cherche le param 'fond' |
|
| 401 | 404 | { |
| 402 | 405 | if (!preg_match("/'fond' => '([^']*)'/", $script, $reg)) // a defaut on cherche le param 'page' |
| 403 | 406 | { |
| 404 | 407 | if (!preg_match("/'param' => '([^']*)'/", $script, $reg)) { |
| 405 | 408 | $reg[1] = "inconnu"; |
| 409 | + } |
|
| 406 | 410 | } |
| 407 | 411 | } |
| 408 | 412 | } |
