From 905c85813a24f02050421df8a7b1bf7ffbf4d987 Mon Sep 17 00:00:00 2001
From: Jacek Kowalski <Jacek@jacekk.info>
Date: Sat, 01 Nov 2014 23:52:41 +0000
Subject: [PATCH] [core] Zablokowanie przetwarzania XML External Entities

---
 class/BotMsgGG.php |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/class/BotMsgGG.php b/class/BotMsgGG.php
index 1203924..d14e99e 100644
--- a/class/BotMsgGG.php
+++ b/class/BotMsgGG.php
@@ -338,7 +338,7 @@
 	}
 	
 	private function format(&$node) {
-		$node->setAttribute('beforeFormatType', ord($this->f_type));
+		$node->setAttribute('beforeFormatType', dechex($this->f_type));
 		$node->setAttribute('beforeFormatColor', base64_encode($this->f_color));
 		
 		if($node->hasAttribute('color')) {
@@ -379,7 +379,7 @@
 	}
 	
 	private function unformat($node) {
-		$this->f_type = chr($node->getAttribute('beforeFormatType'));
+		$this->f_type = hexdec($node->getAttribute('beforeFormatType'));
 		$node->removeAttribute('beforeFormatType');
 		
 		$this->f_color = base64_decode($node->getAttribute('beforeFormatColor'));

--
Gitblit v1.9.1