From f30cd1447b77f461dd0a459652bc03399d6d7878 Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Tue, 6 Oct 2015 13:25:08 +0200
Subject: glpi: 0.85 is now in "remi"

---
 glpi-0.84-CVE-2014-9258.patch | 62 -------------------------------------------
 1 file changed, 62 deletions(-)
 delete mode 100644 glpi-0.84-CVE-2014-9258.patch

(limited to 'glpi-0.84-CVE-2014-9258.patch')

diff --git a/glpi-0.84-CVE-2014-9258.patch b/glpi-0.84-CVE-2014-9258.patch
deleted file mode 100644
index 97f1966..0000000
--- a/glpi-0.84-CVE-2014-9258.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-Index: branches/0.84-bugfixes/inc/dropdown.class.php
-===================================================================
---- branches/0.84-bugfixes/inc/dropdown.class.php	(révision 23260)
-+++ branches/0.84-bugfixes/inc/dropdown.class.php	(révision 23261)
-@@ -177,6 +177,11 @@
-          }
-       }
- 
-+      // Manage condition
-+      if (!empty($params['condition'])) {
-+        $params['condition'] = static::addNewCondition($params['condition']);
-+      }
-+      
-       $param = array('searchText'           => '__VALUE__',
-                       'value'               => $params['value'],
-                       'itemtype'            => $itemtype,
-@@ -259,6 +264,11 @@
-       }
-    }
- 
-+    static function addNewCondition($condition) {
-+        $sha1=sha1($condition);
-+        $_SESSION['glpicondition'][$sha1] = $condition;
-+        return $sha1;
-+    }   
- 
-    /**
-     * Get the value of a dropdown
-@@ -1095,7 +1105,7 @@
-                           'entity_restrict' => $entity_restrict);
- 
-          if ($onlyglobal) {
--            $params['condition'] = "`is_global` = '1'";
-+            $params['condition'] = static::addNewCondition("`is_global` = '1'");
-          }
-          Ajax::updateItemOnSelectEvent("itemtype$rand", "show_$myname$rand",
-                                        $CFG_GLPI["root_doc"]."/ajax/dropdownAllItems.php", $params);
-Index: branches/0.84-bugfixes/ajax/dropdownValue.php
-===================================================================
---- branches/0.84-bugfixes/ajax/dropdownValue.php	(révision 23260)
-+++ branches/0.84-bugfixes/ajax/dropdownValue.php	(révision 23261)
-@@ -72,13 +72,17 @@
-    $_POST['permit_select_parent'] = false;
- }
- 
--// No define rand
--if (!isset($_POST['rand'])) {
-+    // No define rand
-+    if (!isset($_POST['rand'])) {
-    $_POST['rand'] = mt_rand();
- }
- 
- if (isset($_POST['condition']) && !empty($_POST['condition'])) {
--   $_POST['condition'] = rawurldecode(stripslashes($_POST['condition']));
-+    if (isset($_SESSION['glpicondition'][$_POST['condition']])) {
-+        $_POST['condition'] = $_SESSION['glpicondition'][$_POST['condition']];
-+    } else {
-+        $_POST['condition'] = '';
-+    }
- }
- 
- if (!isset($_POST['emptylabel']) || ($_POST['emptylabel'] == '')) {
-- 
cgit