#804 Limit legacy SocketHidra key-value split

This bug was found by USAL and UPV. They reported that WebConsole was
showing scripts incompletely if they contain "=".

SocketHidra stores key-value pair as "<key>=<value>" string, and the
parser splits the string on "=" characters and pick the first two
elements. Thus, if the value also contains "=", the parser splits it and
only picks the first part.

Note: keys strings never contain "=".

With "scp=this=is=a=test" as example
	BEFORE this commit the parser returns
		"scp" as key
		"this" as value
	AFTER this commit the parser returns
		"spc" as key
		"this=is=a=test" as value

Limit legacy SocketHidra key-value split to two elements, key and value.

This commit also removes script decoding because WebConsole stores
them decoded since v1.2.0.

1 files changed, 2 insertions, 2 deletions

diff --git a/admin/WebConsole/includes/comunes.php b/admin/WebConsole/includes/comunes.php
index 213e764e..f12ea94a 100644
--- a/admin/WebConsole/includes/comunes.php
+++ b/admin/WebConsole/includes/comunes.php
@@ -151,7 +151,7 @@
 		$html="";
 		$auxprm=explode($ch,$parametros);
 		for($i=0;$i<sizeof($auxprm);$i++){
-			list($nemonico,$valor)=explode("=",$auxprm[$i]);
+			list($nemonico, $valor) = explode("=", $auxprm[$i], 2);
 			if(isset($tbParametros[$nemonico])){
 				if($tbParametros[$nemonico]["visual"]==1){
 					$tbParametrosValor[$nemonico]["descripcion"]=$tbParametros[$nemonico]["descripcion"];
@@ -181,7 +181,7 @@
 							$tbParametrosValor[$nemonico]["valor"]=$tbcte[$valor];
 							break;
 						case 4: // El valor lo toma directamente pero está codificado con urlencode
-							$tbParametrosValor[$nemonico]["valor"]='<PRE>'.urldecode($valor).'</PRE>';
+							$tbParametrosValor[$nemonico]["valor"]='<PRE>'.$valor.'</PRE>';
 							break;
 						case 5: // El valor es 0 ó 1 y se muestra NO o SI
 							$tbSN[0]="No";