From 99cfde6479207ba9349d8c4a093ef14a1026154d Mon Sep 17 00:00:00 2001
From: Jim Hu <jimhu@users.sourceforge.net>
Date: Sat, 13 Dec 2008 23:42:30 +0000
Subject: debug rrules; fix cookie injection vuln

---
 functions/parse/parse_tzs.php | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

(limited to 'functions/parse/parse_tzs.php')

diff --git a/functions/parse/parse_tzs.php b/functions/parse/parse_tzs.php
index 85ab929..93f24d5 100644
--- a/functions/parse/parse_tzs.php
+++ b/functions/parse/parse_tzs.php
@@ -1,7 +1,7 @@
 <?php
 $ifile = @fopen($filename, "r");
 if ($ifile == FALSE) exit(error($lang['l_error_cantopen'], $filename));
-$nextline = fgets($ifile, 1024);
+$nextline = fgets($ifile);
 if (trim($nextline) != 'BEGIN:VCALENDAR') exit(error($lang['l_error_invalidcal'], $filename));
 
 // read file in line by line
@@ -24,18 +24,30 @@ while (!feof($ifile)) {
 			break;
 		case 'BEGIN:STANDARD':
 			unset ($offset_s);
+			$is_std = true;
 			break;
 		case 'END:STANDARD':
 			$offset_s = $offset_to;
+			$is_std = false;
 			break;
 		case 'BEGIN:DAYLIGHT':
 			unset ($offset_d);
+			$is_daylight = true;
 			break;
 		case 'END:DAYLIGHT':
 			$offset_d = $offset_to;
+			$is_daylight = false;
 			break;
 		case 'END:VTIMEZONE':
-			$tz_array[$tz_id] = array($offset_s, $offset_d); #echo "<pre>$tz_id"; print_r($tz_array[$tz_id]);echo"</pre>";
+			$tz_array[$tz_id] = array(
+				0	=> $offset_s, 
+				1	=> $offset_d,
+				'dt_start' => $begin_daylight,
+				'st_start' => $begin_std,
+				'st_name'	=> $st_name,
+				'dt_name'	=> $dt_name
+				
+				); #echo "<pre>$tz_id"; print_r($tz_array[$tz_id]);echo"</pre>";
 			break;
 		default:
 			unset ( $data, $prop_pos, $property);
@@ -56,6 +68,14 @@ while (!feof($ifile)) {
 					case 'TZOFFSETTO':
 						$offset_to = $data;
 						break;
+					case 'DTSTART':
+						if($is_std) $begin_std = $data;
+						if($is_daylight) $begin_daylight = $data;
+						break;
+					case 'TZNAME':
+						if($is_std) $st_name = $data;
+						if($is_daylight) $dt_name = $data;
+						break;
 				}
 			}	
 	}
-- 
cgit v1.2.3