File includes/globals_off.inc.php

  1: <?php
  2: /**
  3:  * Makes available those super global arrays that are made available in versions
  4:  * of PHP after v4.1.0.
  5:  * This file is where all the "magic" begins. We ignore register_globals setting
  6:  * and retrieve any variable from wherever and transform them to global
  7:  * variables. This is highly insecure, so variables need to be checked
  8:  * carefully.
  9:  *
 10:  * @package Core
 11:  * @subpackage Backend
 12:  * @version SVN Revision $Rev:$
 13:  *
 14:  * @author Martin Horwarth
 15:  * @copyright four for business AG <www.4fb.de>
 16:  * @license http://www.contenido.org/license/LIZENZ.txt
 17:  * @link http://www.4fb.de
 18:  * @link http://www.contenido.org
 19:  */
 20: 
 21: /**
 22:  * Set constant value depending on get_magic_quotes_gpc status
 23:  *
 24:  * @var boolean
 25:  */
 26: if (function_exists('get_magic_quotes_gpc')) {
 27:     define('CON_STRIPSLASHES', !get_magic_quotes_gpc());
 28: } else {
 29:     define('CON_STRIPSLASHES', true);
 30: }
 31: 
 32: // Simulate get_magic_quotes_gpc on if turned off
 33: if (CON_STRIPSLASHES) {
 34: 
 35:     /**
 36:      * Adds slashes to passed variable
 37:      *
 38:      * @param mixed $value Either a string or a multi-dimensional array of
 39:      *        values
 40:      * @return array
 41:      * @deprecated [2013-03-12] This function is for internal usage, use
 42:      *             cString::addSlashes() for own purposes
 43:      */
 44:     function addslashes_deep($value) {
 45:         $value = is_array($value) ? array_map('addslashes_deep', $value) : addslashes($value);
 46:         return $value;
 47:     }
 48: 
 49:     /**
 50:      * Removes slashes from passed variable.
 51:      *
 52:      * @param mixed $value Either a string or a multi-dimensional array of
 53:      *        values
 54:      * @return array
 55:      * @deprecated [2013-03-12] This function is for internal usage, use
 56:      *             cString::stripSlashes() for own purposes
 57:      */
 58:     function stripslashes_deep($value) {
 59:         $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
 60:         return $value;
 61:     }
 62: 
 63:     $_POST = array_map('addslashes_deep', $_POST);
 64:     $_GET = array_map('addslashes_deep', $_GET);
 65:     $_COOKIE = array_map('addslashes_deep', $_COOKIE);
 66: 
 67:     $cfg['simulate_magic_quotes'] = true;
 68: } else {
 69:     $cfg['simulate_magic_quotes'] = false;
 70: }
 71: 
 72: // This should be the default setting, but only for PHP older than 5.3.0
 73: if (version_compare(PHP_VERSION, '5.3.0', '<')) {
 74:     @set_magic_quotes_runtime(0);
 75: }
 76: 
 77: // Register globals
 78: $types_to_register = array(
 79:     'GET',
 80:     'POST',
 81:     'COOKIE',
 82:     'SESSION',
 83:     'SERVER'
 84: );
 85: foreach ($types_to_register as $global_type) {
 86:     $arr = @ ${'_' . $global_type};
 87:     if (is_array($arr) && count($arr) > 0) {
 88:         // Second loop to prevent overwriting of globals by other globals'
 89:         // values
 90:         foreach ($types_to_register as $global_type) {
 91:             $key = '_' . $global_type;
 92:             if (isset($arr[$key])) {
 93:                 unset($arr[$key]);
 94:             }
 95:         }
 96:         // echo "<pre>\$_$global_type:"; print_r ($arr); echo "</pre>";
 97:         extract($arr, EXTR_OVERWRITE);
 98:     }
 99: }
100: 
101: // Save memory
102: unset($types_to_register, $global_type, $arr);
103:
Packages

Classes

Functions
