|
@@ -2077,8 +2077,20 @@ function top_menu($head, $title = '', $target = '', $disablejs = 0, $disablehead
|
|
|
|
|
|
if (isset($_POST) && is_array($_POST)) {
|
|
|
foreach ($_POST as $key => $value) {
|
|
|
- if ($key !== 'action' && $key !== 'password' && !is_array($value)) {
|
|
|
- $qs .= '&'.$key.'='.urlencode($value);
|
|
|
+ $key = preg_replace('/[^a-z0-9_\-\[\]]/i', '', $key);
|
|
|
+ if (in_array($key, array('action', 'massaction', 'password'))) {
|
|
|
+ continue;
|
|
|
+ }
|
|
|
+ if (!is_array($value)) {
|
|
|
+ if ($value !== '') {
|
|
|
+ $qs .= '&'.$key.'='.urlencode($value);
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ foreach ($value as $value2) {
|
|
|
+ if (($value2 !== '') && (!is_array($value2))) {
|
|
|
+ $qs .= '&'.$key.'[]='.urlencode($value2);
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
}
|