File includes/globals_off.inc.php

 1: <?php
 2: /**
 3:  * Makes available those super global arrays that are made available in versions of PHP after v4.1.0.
 4:  * This file is where all the "magic" begins. We ignore register_globals setting and retrieve any
 5:  * variable from wherever and transform them to global variables. This is highly insecure, so variables
 6:  * need to be checked carefully.
 7:  *
 8:  * @package          Core
 9:  * @subpackage       Backend
10:  * @version          SVN Revision $Rev:$
11:  *
12:  * @author           Martin Horwarth
13:  * @copyright        four for business AG <www.4fb.de>
14:  * @license          http://www.contenido.org/license/LIZENZ.txt
15:  * @link             http://www.4fb.de
16:  * @link             http://www.contenido.org
17:  */
18: 
19: /**
20:  * Set constant value depending on get_magic_quotes_gpc status
21:  * Only with phpversion before 5.3.0
22:  * @var boolean
23:  */
24: if (phpversion() <= "5.3.0") {
25:     define('CON_STRIPSLASHES', get_magic_quotes_gpc());
26: }
27: 
28: // Simulate get_magic_quotes_gpc on if turned off
29: if (CON_STRIPSLASHES) {
30: 
31:     /**
32:      * Adds slashes to passed variable
33:      * @param mixed $value Either a string or a multi-dimensional array of values
34:      * @return array
35:      * @deprecated [2013-03-12]  This function is for internal usage, use cString::addSlashes() for own purposes
36:      */
37:     function addslashes_deep($value) {
38:         $value = is_array($value) ? array_map('addslashes_deep', $value) : addslashes($value);
39:         return $value;
40:     }
41: 
42:     /**
43:      * Removes slashes from passed variable.
44:      * @param mixed $value Either a string or a multi-dimensional array of values
45:      * @return array
46:      * @deprecated [2013-03-12]  This function is for internal usage, use cString::stripSlashes() for own purposes
47:      */
48:     function stripslashes_deep($value) {
49:         $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
50:         return $value;
51:     }
52: 
53:     $_POST = array_map('addslashes_deep', $_POST);
54:     $_GET = array_map('addslashes_deep', $_GET);
55:     $_COOKIE = array_map('addslashes_deep', $_COOKIE);
56: 
57:     $cfg['simulate_magic_quotes'] = true;
58: } else {
59:     $cfg['simulate_magic_quotes'] = false;
60: }
61: 
62: // This should be the default setting, but only for PHP older than 5.3.0
63: if (!CON_STRIPSLASHES && (version_compare(PHP_VERSION, '5.3.0', '<'))) {
64:     @set_magic_quotes_runtime(0);
65: }
66: 
67: // Register globals
68: $types_to_register = array('GET', 'POST', 'COOKIE', 'SESSION', 'SERVER');
69: foreach ($types_to_register as $global_type) {
70:     $arr = @ ${'_' . $global_type};
71:     if (is_array($arr) && count($arr) > 0) {
72:         // Second loop to prevent overwriting of globals by other globals' values
73:         foreach ($types_to_register as $global_type) {
74:             $key = '_' . $global_type;
75:             if (isset($arr[$key])) {
76:                 unset($arr[$key]);
77:             }
78:         }
79:         // echo "<pre>\$_$global_type:"; print_r ($arr); echo "</pre>";
80:         extract($arr, EXTR_OVERWRITE);
81:     }
82: }
83: 
84: // Save memory
85: unset($types_to_register, $global_type, $arr);
86:
Packages

Classes

Functions
