X-Git-Url: http://git.cyclocoop.org/?p=ptitvelo%2Fweb%2Fwww.git;a=blobdiff_plain;f=www%2Fconfig%2Fecran_securite.php;fp=www%2Fconfig%2Fecran_securite.php;h=7e6ec1c5f99b555757532ffb67487511fb1c5d3a;hp=63ee29981b8db4264855f298d9ca85bdd668250f;hb=b97874b04ea8ca43d21b7ef7309feff8ef0e4a07;hpb=92c7d7f7bccb9629bb7c81b9582b56b61c3f8ec9
diff --git a/www/config/ecran_securite.php b/www/config/ecran_securite.php
index 63ee299..7e6ec1c 100644
--- a/www/config/ecran_securite.php
+++ b/www/config/ecran_securite.php
@@ -5,7 +5,7 @@ * ------------------ */
-define('_ECRAN_SECURITE', '1.1.7'); // 24 mai 2013
+define('_ECRAN_SECURITE', '1.1.8'); // 2013-08-29
 /* * Documentation : http://www.spip.net/fr_article4200.html
@@ -253,11 +253,12 @@ if (strpos($_SERVER['REQUEST_URI'],"ecrire/")!==false){ if (isset($_REQUEST['connect']) AND // cas qui permettent de sortir d'un commentaire PHP
- (strpos($_REQUEST['connect'], "?".">")!==false
+ (strpos($_REQUEST['connect'], "?")!==false
+ OR strpos($_REQUEST['connect'], ">")!==false
 OR strpos($_REQUEST['connect'], "\n")!==false OR strpos($_REQUEST['connect'], "\r")!==false) ) {
- $_REQUEST['connect'] = str_replace(array("?".">", "\r", "\n"), "", $_REQUEST['connect']);
+ $_REQUEST['connect'] = str_replace(array("?", ">", "\r", "\n"), "", $_REQUEST['connect']);
 if (isset($_GET['connect'])) $_GET['connect'] = $_REQUEST['connect']; if (isset($_POST['connect'])) $_POST['connect'] = $_REQUEST['connect']; }
@@ -316,4 +317,4 @@ if ( }
-?>
\ No newline at end of file
+?>
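Review bot: In the `@@ -253,11 +253,12 @@` hunk the added `strpos()` checks assume `$_REQUEST['connect']` is a string, but a request can deliver it as an array, in which case `strpos()` receives a non-string and the filter's behaviour depends on the PHP version. Guarding the type first keeps the filter predictable, for example `if (isset($_REQUEST['connect']) AND !is_string($_REQUEST['connect'])) unset($_REQUEST['connect'], $_GET['connect'], $_POST['connect']);` placed ahead of this test. The filter is also still a denylist of four characters; if connect names are restricted to a known character set (not visible in this hunk), matching against that set would be sturdier than removing individual characters. Only `$_GET` and `$_POST` are re-synchronised afterwards, so a value that reached `$_REQUEST` from a cookie would leave `$_COOKIE['connect']` unfiltered; it is worth confirming that nothing downstream reads it.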