Check-in [262eedd52e]
Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | more generic (ewiki_ to upgradephp_ prefix) |
---|---|
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
262eedd52e6ff233ba112bf32519999a |
User & Date: | mario 2012-01-09 15:40:41 |
Context
2012-01-16
| ||
06:28 | implemented JSON_PARSE_JAVASCRIPT which allows for unquoted array keys and ' single quoted strings, also moved comment handling into that mode check-in: cdadc78b73 user: mario tags: trunk | |
2012-01-09
| ||
15:40 | more generic (ewiki_ to upgradephp_ prefix) check-in: 262eedd52e user: mario tags: trunk | |
15:39 | more generic check for JSON integer length check-in: 26e52fe438 user: mario tags: trunk | |
Changes
Changes to ext/contrib/fix_magic_quotes.php.
1 | <?php | | | | | | > | > | | | | | < < < | > | < < | < | < < < < < < < < < < | < < > | | | | | | | | | | | | | | | | | | > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 | <?php /** * api: php * type: intercept * title: PHP fixes * descriptions: removes bogus magic_quotes and left over superglobals * version: 1.2 * priority: auto * autoexec: 1 * category: library * conflicts: strike_register_globals, strip_wonderful_slashes * * Outdated and bogus PHP settings (register_globals and magic_quotes) are * undone by this script. This avoids negative impact on contemporary code. * * This variant can be manually included, or used as auto_prepend_file= * via .user.ini or .htaccess declarations. Preferrably of course, the main * php.ini should be fixed. * **/ #-- implementation if (!function_exists("upgradephp_recursive_stripslashes")) { function upgradephp_recursive_unset(&$TO, $FROM) { foreach ($FROM as $var=>$value) { if (isset($TO[$var]) && ($TO[$var]==$FROM[$var])) { unset($TO[$var]); unset($TO[$var]); // double unset to work around ZE-num/assoc-hashcode bug } } } function upgradephp_recursive_stripslashes(&$var) { if (is_array($var)) { foreach ($var as $key=>$item) { upgradephp_recursive_stripslashes($var[$key]); } } else { $var = stripslashes($var); } } } #-- strike register_globals (injected variables) if (ini_get("register_globals") == "1") { upgradephp_recursive_unset($GLOBALS, $_REQUEST); ini_set("register_globals", 0); } #-- strip any \'s if magic_quotes (variable garbaging) is still enabled if (ini_get("magic_quotes_gpc") && get_magic_quotes_gpc() && !defined("MAGIC_QUOTES_DISABLED")) { upgradephp_recursive_stripslashes($_REQUEST); upgradephp_recursive_stripslashes($_GET); upgradephp_recursive_stripslashes($_POST); upgradephp_recursive_stripslashes($_COOKIE); upgradephp_recursive_stripslashes($_ENV); upgradephp_recursive_stripslashes($_SERVER); ini_set("magic_quotes_gpc", 0); define("MAGIC_QUOTES_DISABLED", 1) or trigger_error("fix_magic_quotes has been invoked twice"); } #-- now that one is really dumb get_magic_quotes_runtime() && set_magic_quotes_runtime(0); ?> |