Check out Janggi (Korean Chess), our featured variant for December, 2024.


[ Help | Earliest Comments | Latest Comments ]
[ List All Subjects of Discussion | Create New Subject of Discussion ]
[ List Earliest Comments Only For Pages | Games | Rated Pages | Rated Games | Subjects of Discussion ]

Single Comment

Diagram Editor with scalable graphics. An easy-to-use tool for drawing boards and pieces of any size and color.[All Comments] [Add Comment or Rating]
🕸Fergus Duniho wrote on Wed, Nov 22, 2023 12:13 AM UTC in reply to H. G. Muller from Tue Nov 21 10:53 PM:

Okay, I have updated fen2.php, and it is working.

Instead of using $_GET directly, it will now decode the query string with urldecode() and html_entity_decode() before parsing it. This allows it to convert both %26 and & to an &.

It uses a $default array to screen out unrecognized options. It adds an option as an argument to the command only if (1) it has a default value listed, and (2) its value does not match the default value. Since I do not know the default values used by fen2.cgi, I made all the default values empty strings. So, right now, it will include any non-empty value for any recognized options.

It uses escapeshellarg() on each value as a precaution against someone trying to run another program on the server.