From d2762424d60d4be3ece6c15d559db9db2d2b1131 Mon Sep 17 00:00:00 2001
From: Chad Little <clittle@users.sourceforge.net>
Date: Thu, 17 Oct 2002 01:03:28 +0000
Subject: Fixed addslashes

---
 day.php          | 23 +++++++++--------------
 month.php        |  2 +-
 month_bottom.php |  2 +-
 sidebar.php      | 10 +++-------
 week.php         | 21 ++++++++-------------
 5 files changed, 22 insertions(+), 36 deletions(-)

diff --git a/day.php b/day.php
index caf6baf..d79f70c 100644
--- a/day.php
+++ b/day.php
@@ -94,12 +94,12 @@ if (is_array($master_array[($getdate)])) {
 						echo '<td colspan="3" height="24">'."\n";
 						echo '<table width="100%" border="0" cellspacing="1" cellpadding="4">'."\n";
 						foreach($master_array[($getdate)]['-1'] as $allday) {
-							$all_day_text = $allday['event_text'];
+							$event_text = stripslashes(urldecode($allday['event_text']));
 							$description = $allday['description'];
-							$event_text2 = rawurlencode(addslashes($all_day_text));
+							$event_text2 = rawurlencode(addslashes($allday['event_text']));
 					
 							echo '<tr>'."\n";
-							echo '<td valign="top" align="center" class="eventbg"><a class="psf" href="javascript:openEventInfo(\''.$event_text2.'\', \''.$calendar_name.'\', \''.$event_start.'\', \''.$event_end.'\', \''.$description.'\')"><font color="#ffffff"><i>'.$all_day_text.'</i></font></a></td>'."\n";
+							echo '<td valign="top" align="center" class="eventbg"><a class="psf" href="javascript:openEventInfo(\''.$event_text2.'\', \''.$calendar_name.'\', \''.$event_start.'\', \''.$event_end.'\', \''.$description.'\')"><font color="#ffffff"><i>'.$event_text.'</i></font></a></td>'."\n";
 							echo '</tr>'."\n";
 						}
 						echo '</table>'."\n";
@@ -174,19 +174,14 @@ if (is_array($master_array[($getdate)])) {
 											switch ($event_length[$i]['state']) {
 												case 'begin':
 													$event_length[$i]['state'] = 'started';
-													$event_text 	= urldecode($master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['event_text']);
-													$event_text2 	= addslashes($master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['event_text']);
-													$event_text2 	= rawurlencode($event_text2);
-													$event_start 	= $master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['event_start'];
-													$event_end		= $master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['event_end'];
-													$description 	= addslashes($master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['description']);
-													$description	= rawurlencode($description);
-													$event_start 	= strtotime ($event_start);
+													$event_text 	= stripslashes(urldecode($master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['event_text']));
+													$event_text2 	= rawurlencode(addslashes($master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['event_text']));
+													$event_start 	= strtotime ($master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['event_start']);
+													$event_end		= strtotime ($master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['event_end']);
+													$description 	= rawurlencode(addslashes($master_array[($getdate)][$cal_time][($event_length[$i]['key'])]['description']));
 													$event_start 	= date ($timeFormat, $event_start);
-													$event_end 		= strtotime ($event_end);
 													$event_end 		= date ($timeFormat, $event_end);
-													$calendar_name2	= addslashes($calendar_name);
-													$calendar_name2 = rawurlencode($calendar_name2);
+													$calendar_name2	= rawurlencode(addslashes($calendar_name));
 													echo '<td rowspan="' . $event_length[$i]['length'] . '" colspan="' . $drawWidth . '" align="left" valign="top" class="eventbg2">'."\n";
 													echo '<table width="100%" border="0" cellspacing="0" cellpadding="2">'."\n";
 													echo '<tr>'."\n";
diff --git a/month.php b/month.php
index 7a771b7..421c199 100644
--- a/month.php
+++ b/month.php
@@ -133,7 +133,7 @@
 								foreach ($master_array[("$daylink")] as $event_times) {
 									foreach ($event_times as $val) {
 										$num_of_events++;
-										$event_text = urldecode($val["event_text"]);
+										$event_text = stripslashes(urldecode($val["event_text"]));
 										$event_text = strip_tags($event_text, '<b><i><u>');
 										if ($event_text != "") {	
 											$event_text2 	= addslashes($val["event_text"]);
diff --git a/month_bottom.php b/month_bottom.php
index efbd30f..aed4225 100644
--- a/month_bottom.php
+++ b/month_bottom.php
@@ -360,7 +360,7 @@
 												// Pull out each time
 												foreach ($new_val as $new_key2 => $new_val2) {
 												if ($new_val2["event_text"]) {	
-													$event_text 	= urldecode($new_val2["event_text"]);
+													$event_text 	= stripslashes(urldecode($new_val2["event_text"]));
 													$event_text2 	= addslashes($new_val2["event_text"]);
 													$event_text2 	= str_replace("\"", "&quot;", $event_text2);
 													$event_text2 	= urlencode($event_text2);
diff --git a/sidebar.php b/sidebar.php
index cc9bf03..7db68c6 100644
--- a/sidebar.php
+++ b/sidebar.php
@@ -168,14 +168,11 @@
 								<?php
 								foreach ($master_array[("$tomorrows_date")] as $event_times) {
 									foreach ($event_times as $val) {
-										$event_text = urldecode($val["event_text"]);
+										$event_text = stripslashes(urldecode($val["event_text"]));
 										$event_text = strip_tags($event_text, '<b><i><u>');
 										if ($event_text != "") {	
-											$event_text2 	= addslashes($val["event_text"]);
-											$event_text2 	= urlencode($event_text2);
-											$description 	= $val["description"];
-											$description 	= addslashes($val["description"]);
-											$description	= urlencode($description);
+											$event_text2 	= rawurlencode(addslashes($val["event_text"]));
+											$description 	= urlencode(addslashes($val["description"]));
 											$event_start 	= @$val["event_start"];
 											$event_end 		= @$val["event_end"];
 											$event_start 	= date ($timeFormat, @strtotime ("$event_start"));
@@ -195,7 +192,6 @@
 											}
 											echo "</td>\n";
 											echo "</tr>\n";
-											//$num_of_events++;
 										}
 									}
 								}
diff --git a/week.php b/week.php
index 15ddd44..7dc0010 100644
--- a/week.php
+++ b/week.php
@@ -173,9 +173,9 @@ for ($i=0;$i<7;$i++) {
 									if (isset($master_array[($thisday)]["-1"])) {
 										echo "<table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"4\" class=\"V9\">\n";
 										foreach($master_array[($thisday)]["-1"] as $allday) {
-											$all_day_text 	= urldecode($allday["event_text"]);
-											$all_day_text 	= word_wrap($all_day_text, 12, $allday_week_lines);
+											$all_day_text 	= stripslashes(urldecode($allday["event_text"]));
 											$event_text2 	= urlencode(addslashes($all_day_text));
+											$all_day_text 	= word_wrap($all_day_text, 12, $allday_week_lines);
 											$description 	= $allday["description"];
 											echo "<tr>\n";
 											echo "<td colspan=\"" . $nbrGridCols[$thisday] . "\" valign=\"top\" align=\"center\" class=\"eventbg\"><a class=\"psf\" href=\"javascript:openEventInfo('$event_text2', '$calendar_name', '$event_start', '$event_end', '$description')\"><font color=\"#ffffff\">$all_day_text</font></a></td>\n";
@@ -263,20 +263,15 @@ for ($i=0;$i<7;$i++) {
 													case "begin":
 													
 														$event_length[$thisday][$i]["state"] = "started";
-														$event_text 	= urldecode($master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["event_text"]);
+														$event_text 	= stripslashes(urldecode($master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["event_text"]));
 														$event_text 	= word_wrap($event_text, 25, $week_events_lines);
-														$event_text2 	= addslashes($master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["event_text"]);
-														$event_text2 	= urlencode($event_text2);
-														$event_start 	= $master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["event_start"];
-														$event_end		= $master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["event_end"];
-														$description 	= addslashes($master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["description"]);
-														$description	= urlencode($description);
-														$event_start 	= strtotime ("$event_start");
+														$event_text2 	= urlencode(addslashes($master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["event_text"]));
+														$event_start 	= strtotime ($master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["event_start"]);
+														$event_end		= strtotime ($master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["event_end"]);
+														$description 	= urlencode(addslashes($master_array[($thisday)]["$cal_time"][($event_length[$thisday][$i]["key"])]["description"]));
 														$event_start 	= date ($timeFormat, $event_start);
-														$event_end 		= strtotime ("$event_end");
 														$event_end 		= date ($timeFormat, $event_end);
-														$calendar_name2	= addslashes($calendar_name);
-														$calendar_name2 = urlencode($calendar_name2);
+														$calendar_name2	= urlencode(addslashes($calendar_name));
 														echo "<td rowspan=\"" . $event_length[$thisday][$i]["length"] . "\" colspan=\"" . $drawWidth . "\" align=\"left\" valign=\"top\" class=\"eventbg2week\">\n";
 														echo "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
 														echo "<tr>\n";
-- 
cgit v1.2.3