From a920aeffc78bc2d17e4372d3f66c3af252c8647f Mon Sep 17 00:00:00 2001
From: Luca
Date: Fri, 7 Nov 2014 13:52:00 +0100
Subject: [PATCH 1/5] Add same optimizations applied to general.php catalog side
---
 catalog/admin/includes/functions/general.php | 33 ++++++++++++--------
 1 file changed, 20 insertions(+), 13 deletions(-)
diff --git a/catalog/admin/includes/functions/general.php b/catalog/admin/includes/functions/general.php
index fa3659ee9..300008d92 100644
--- a/catalog/admin/includes/functions/general.php
+++ b/catalog/admin/includes/functions/general.php
@@ -56,9 +56,9 @@ function tep_output_string($string, $translate = false, $protected = false) {
 return htmlspecialchars($string);
 } else {
 if ($translate == false) {
- return tep_parse_input_field_data($string, array('"' => '"'));
+ return strtr(trim($string), array('"' => '"'));
 } else {
- return tep_parse_input_field_data($string, $translate);
+ return strtr(trim($string), $translate);
 }
 }
 }
@@ -118,17 +118,24 @@ function tep_get_path($current_category_id = '') {
 }
 function tep_get_all_get_params($exclude_array = '') {
-
- if ($exclude_array == '') $exclude_array = array();
+ if (!is_array($exclude_array)) $exclude_array = array();
+
+ $exclude_array[] = session_name();
+ $exclude_array[] = 'error';
+ $exclude_array[] = 'x';
+ $exclude_array[] = 'y';
 $get_url = '';
-
- foreach ( $_GET as $key => $value ) {
- if (($key != tep_session_name()) && ($key != 'error') && (!in_array($key, $exclude_array))) $get_url .= $key . '=' . $value . '&';
- }
-
- return $get_url;
+
+ if (is_array($_GET) && (!empty($_GET))) {
+ foreach ($_GET as $key => $value) {
+ if ( !in_array($key, $exclude_array) ) {
+ $get_url .= $key . '=' . rawurlencode($value) . '&';
+ }
+ }
 }
+ return $get_url;
+}
 function tep_date_long($raw_date) {
 if ( ($raw_date == '0000-00-00 00:00:00') || ($raw_date == '') ) return false;
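Review bot: The unprotected branch of tep_output_string() now calls `strtr(trim($string), …)` inline with no comment saying how little it escapes: only the characters named in the translation map are rewritten, so `<`, `>`, `&` and `'` pass through unchanged. A one-line comment above the `else`, such as `// quote-only translation; pass $protected = true for values that come from a request`, would keep callers from treating this path as HTML escaping. `trim()` also assumes a string, so an array argument would raise a conversion notice here; whether any caller can pass one is not visible in the hunk. The opening lines of the function are outside the hunk.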
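Review bot: In tep_get_all_get_params() the new loop encodes the value but still appends `$key` raw, and parameter names come from the query string just as values do, so a name containing `&`, `"` or `<` reaches the generated URL unencoded. Encode both sides: `$get_url .= rawurlencode($key) . '=' . rawurlencode($value) . '&';`. `rawurlencode()` also expects a string, so an array-valued parameter will raise a warning (a TypeError on PHP 8); guard the append with `if (is_array($value)) continue;` or flatten such values deliberately.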
@@ -1352,8 +1359,9 @@ function tep_string_to_int($string) {
 // Parse and secure the cPath parameter values
 function tep_parse_category_path($cPath) {
 // make sure the category IDs are integers
- $cPath_array = array_map('tep_string_to_int', explode('_', $cPath));
-
+ $cPath_array = array_map(function ($string) {
+ return (int)$string;
+ }, explode('_', $cPath));
 // make sure no duplicate category IDs exist which could lock the server in a loop
 $tmp_array = array();
 $n = sizeof($cPath_array);
@@ -1362,7 +1370,6 @@ function tep_parse_category_path($cPath) {
 $tmp_array[] = $cPath_array[$i];
 }
 }
-
 return $tmp_array;
 }
From 1a47ad1e0b46450919ece180d6a85156854759e2 Mon Sep 17 00:00:00 2001
From: Luca
Date: Fri, 7 Nov 2014 14:02:06 +0100
Subject: [PATCH 2/5] Remove tep_string_to_int function
---
 catalog/admin/includes/functions/general.php | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/catalog/admin/includes/functions/general.php b/catalog/admin/includes/functions/general.php
index 300008d92..6bf8a2d7d 100644
--- a/catalog/admin/includes/functions/general.php
+++ b/catalog/admin/includes/functions/general.php
@@ -1351,10 +1351,6 @@ function tep_convert_linefeeds($from, $to, $string) {
 return str_replace($from, $to, $string);
 }
- function tep_string_to_int($string) {
- return (int)$string;
- }
-
 ////
 // Parse and secure the cPath parameter values
 function tep_parse_category_path($cPath) {
From 876ca28a4b6fef3d01a5901fe6e8084dfdfd8d36 Mon Sep 17 00:00:00 2001
From: Luca
Date: Mon, 10 Nov 2014 01:17:42 +0100
Subject: [PATCH 3/5] Remove tep_parse_input_field_data function
---
 catalog/admin/includes/functions/general.php | 6 ------
 1 file changed, 6 deletions(-)
diff --git a/catalog/admin/includes/functions/general.php b/catalog/admin/includes/functions/general.php
index 6bf8a2d7d..13e0d2f25 100644
--- a/catalog/admin/includes/functions/general.php
+++ b/catalog/admin/includes/functions/general.php
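Review bot: The closure added in tep_parse_category_path() only wraps an integer cast, which `array_map('intval', explode('_', $cPath))` expresses without an anonymous function and without requiring PHP 5.3. The cast also turns every non-numeric segment into `0` and accepts negative numbers, so a comment on that line should say whether `0` is an acceptable category ID for callers or whether the result should be filtered to positive values; that cannot be confirmed from this hunk. The loop that removes duplicates continues outside the hunk.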
@@ -45,12 +45,6 @@ function tep_redirect($url) {
 exit;
 }
-////
-// Parse the data used in the html tags to ensure the tags will not break
- function tep_parse_input_field_data($data, $parse) {
- return strtr(trim($data), $parse);
- }
-
 function tep_output_string($string, $translate = false, $protected = false) {
 if ($protected == true) {
 return htmlspecialchars($string);
From df54db7d4c725f3833ba879627e26880e2db4fd6 Mon Sep 17 00:00:00 2001
From: Luca
Date: Sat, 20 Dec 2014 00:16:32 +0100
Subject: [PATCH 4/5] Add conditional check for $ip_addresses[] = $_SERVER['REMOTE_ADDR'];
---
 catalog/admin/includes/functions/general.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/catalog/admin/includes/functions/general.php b/catalog/admin/includes/functions/general.php
index 13e0d2f25..6e395278e 100644
--- a/catalog/admin/includes/functions/general.php
+++ b/catalog/admin/includes/functions/general.php
@@ -1410,7 +1410,9 @@ function tep_get_ip_address() {
 $ip_addresses[] = $_SERVER['HTTP_PROXY_USER'];
 }
- $ip_addresses[] = $_SERVER['REMOTE_ADDR'];
+ if ( isset($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['REMOTE_ADDR']) ) {
+ $ip_addresses[] = $_SERVER['REMOTE_ADDR'];
+ }
 foreach ( $ip_addresses as $ip ) {
 if (!empty($ip) && tep_validate_ip_address($ip)) {
From ecc284e619e066d4a6aa1ba1d6ebe9e76c338617 Mon Sep 17 00:00:00 2001
From: Luca
Date: Tue, 23 Dec 2014 20:37:44 +0100
Subject: [PATCH 5/5] Update tep_not_null function
---
 catalog/admin/includes/functions/general.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/catalog/admin/includes/functions/general.php b/catalog/admin/includes/functions/general.php
index 6e395278e..d12ddce4f 100644
--- a/catalog/admin/includes/functions/general.php
+++ b/catalog/admin/includes/functions/general.php
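Review bot: `isset($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['REMOTE_ADDR'])` in tep_get_ip_address() is redundant, because `empty()` already returns true for an unset index without raising a notice; `if (!empty($_SERVER['REMOTE_ADDR'])) {` is equivalent. The visible context also pushes `$_SERVER['HTTP_PROXY_USER']`, a client-supplied header, onto `$ip_addresses` ahead of REMOTE_ADDR. If the loop that follows returns the first entry that validates, the request itself can choose the address that gets recorded, so any logging or throttling built on this value should either prefer REMOTE_ADDR or be documented as using an untrusted address. The start of the function and the body of the loop are outside the hunk.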
@@ -319,13 +319,19 @@ function tep_get_zone_name($country_id, $zone_id, $default_zone) {
 function tep_not_null($value) {
 if (is_array($value)) {
- if (sizeof($value) > 0) {
+ if (!empty($value)) {
 return true;
 } else {
 return false;
 }
+ } elseif(is_object($value)) {
+ if (count(get_object_vars($value)) === 0) {
+ return false;
+ } else {
+ return true;
+ }
 } else {
- if ( (is_string($value) || is_int($value)) && ($value != '') && ($value != 'NULL') && (strlen(trim($value)) > 0)) {
+ if (($value != '') && (strtolower($value) != 'null') && (strlen(trim($value)) > 0)) {
 return true;
 } else {
 return false;
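Review bot: The new object branch of tep_not_null() counts `get_object_vars($value)`, which called from this function returns only the object's public properties, so an object holding only private or protected state is reported as empty. The scalar branch also lost the `is_string($value) || is_int($value)` guard, so booleans, floats and resources now reach `strtolower()` and `trim()`, and any casing of the string `null` is treated as no value. If that widening is intended it deserves a comment on the condition; otherwise keep the guard: `if ((is_string($value) || is_int($value)) && ($value != '') && (strtolower($value) != 'null') && (strlen(trim($value)) > 0)) {`. The closing lines of the function are outside the hunk.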