From 708f46979afc3710fbdf97cbdb4c67768ffdf03b Mon Sep 17 00:00:00 2001 From: Cerdic <cedric@yterium.com> Date: Sat, 1 Aug 2009 20:43:41 +0000 Subject: [PATCH] report de [14324] [14325] et [14326] --- config/ecran_securite.php | 38 ++++++++++++++++++++------------------ ecrire/public/compiler.php | 8 -------- 2 files changed, 20 insertions(+), 26 deletions(-) diff --git a/config/ecran_securite.php b/config/ecran_securite.php index 9170f5f884..23ea9829d0 100644 --- a/config/ecran_securite.php +++ b/config/ecran_securite.php @@ -50,14 +50,14 @@ define('_ECRAN_SECURITE', '0.6'); // 27 juillet 2009 * (sauf pour id_table, qui n'est pas numerique jusqu'a [5743]) */ foreach ($_GET as $var => $val) - if (substr($var, 0,3) == 'id_' AND $var!='id_table') - $_GET[$var] = intval($_GET[$var]); + if (strncmp($var,"id_",3)==0 AND $var!='id_table') + $_GET[$var] = is_array($_GET[$var])?array_map('intval',$_GET[$var]):intval($_GET[$var]); foreach ($_POST as $var => $val) - if (substr($var, 0,3) == 'id_' AND $var!='id_table') - $_POST[$var] = intval($_POST[$var]); + if (strncmp($var,"id_",3)==0 AND $var!='id_table') + $_POST[$var] = is_array($_POST[$var])?array_map('intval',$_POST[$var]):intval($_POST[$var]); foreach ($GLOBALS as $var => $val) - if (substr($var, 0,3) == 'id_' AND $var!='id_table') - $GLOBALS[$var] = intval($GLOBALS[$var]); + if (strncmp($var,"id_",3)==0 AND $var!='id_table') + $GLOBALS[$var] = is_array($GLOBALS[$var])?array_map('intval',$GLOBALS[$var]):intval($GLOBALS[$var]); /* - interdit la variable $cjpeg_command, qui etait utilisee sans 
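Review bot: The three added `is_array(...) ? array_map('intval', ...) : intval(...)` lines cast only the first level of values. `array_map` keeps the array keys exactly as the request sent them, and `intval()` of a nested non-empty array yields 1, so a nested `id_x[][]` parameter silently becomes id 1 instead of being rejected or zeroed. If no caller depends on the keys, `array_values(array_map('intval', $_GET[$var]))` (likewise for `$_POST` and `$GLOBALS`) would leave nothing request-controlled in the result. Failing that, a comment such as `// id_xxx[] accepted: values cast to int, keys left as sent, nested arrays become 1` would document the actual guarantee. The expression is repeated three times, so a small helper would keep the three loops from drifting apart.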
@@ -151,19 +151,21 @@ if (isset($_POST['tmp_lkojfghx3'])){ die();} * Bloque les bots quand le load deborde * */ -define('_ECRAN_SECURITE_LOAD', 4); +if (!defined('_ECRAN_SECURITE_LOAD')) + define('_ECRAN_SECURITE_LOAD', 4); + if ( -defined('_ECRAN_SECURITE_LOAD') -AND _ECRAN_SECURITE_LOAD>0 -AND $_SERVER['REQUEST_METHOD'] === 'GET' -AND strpos($_SERVER['HTTP_USER_AGENT'], 'bot') -AND ( - (function_exists('sys_getloadavg') AND $load = array_shift(sys_getloadavg())) - OR (@is_readable('/proc/loadavg') AND $load = floatval(file_get_contents('/proc/loadavg'))) -) -AND rand(0, $load*$load) > _ECRAN_SECURITE_LOAD*_ECRAN_SECURITE_LOAD -) -{ + defined('_ECRAN_SECURITE_LOAD') + AND _ECRAN_SECURITE_LOAD>0 + AND $_SERVER['REQUEST_METHOD'] === 'GET' + AND strpos($_SERVER['HTTP_USER_AGENT'], 'bot')!==FALSE + AND ( + (function_exists('sys_getloadavg') AND $load = array_shift(sys_getloadavg())) + OR (@is_readable('/proc/loadavg') AND $load = floatval(file_get_contents('/proc/loadavg'))) + ) + AND $load > _ECRAN_SECURITE_LOAD // eviter l'evaluation suivante si de toute facon le load est inferieur a la limite + AND rand(0, $load*$load) > _ECRAN_SECURITE_LOAD*_ECRAN_SECURITE_LOAD + ) { header("HTTP/1.0 503 Service Unavailable"); header("Retry-After: 300"); header("Expires: 0"); diff --git a/ecrire/public/compiler.php b/ecrire/public/compiler.php index 4f580e6f5a..0926bc849c 100644 --- a/ecrire/public/compiler.php +++ b/ecrire/public/compiler.php 
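Review bot: The rewritten condition still reads `$_SERVER['HTTP_USER_AGENT']` without checking that it is set, so a GET request with no User-Agent header raises an undefined-index notice in this file that runs before everything else. Adding `AND isset($_SERVER['HTTP_USER_AGENT'])` ahead of the `strpos(...)!==FALSE` line avoids that. The `defined('_ECRAN_SECURITE_LOAD')` test inside the `if` is now always true because of the guard added just above, and can be dropped. `strpos` is case-sensitive, so agents that spell it `Bot` are not matched; if that is intended, a short comment saying so would help. The body of the `if` block continues past the end of this hunk.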
@@ -96,14 +96,6 @@ function argumenter_inclure($params, $rejet_filtres, $p, &$boucles, $id_boucle, } } } - // si pas de connect explicite, on transmet celui de la boucle courante - // - if (!isset($l['connect']) - AND $connect = (!$id_boucle ? '' : $boucles[$id_boucle]->sql_serveur) - AND !in_array($connect,$GLOBALS['exception_des_connect'])){ - $l['connect'] = ($echap?"\'connect\' => ' . argumenter_squelette(":"'connect' => ") - . "'$connect'" . ($echap? ") . '":" "); - } // Cas particulier de la langue : si {lang=xx} est definie, on // la passe, sinon on passe la langue courante au moment du calcul -- GitLab