makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-08 04:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

deregister globals to install too

Browse source 
git-svn-id: file:///svn/phpbb/trunk@8130 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2007-10-04 11:33:33 +00:00
parent 303239afa4
commit 92f554e38a
18 changed files with 174 additions and 119 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
phpBB/install/convertors/functions_phpbb20.php
View file

@ -8,6 +8,11 @@
* *
*/ */
if (!defined('IN_PHPBB'))
{
exit;
}
/** /**
* Helper functions for phpBB 2.0.x to phpBB 3.0.x conversion * Helper functions for phpBB 2.0.x to phpBB 3.0.x conversion
*/ */

18
phpBB/install/data/confusables.php
View file

File diff suppressed because one or more lines are too long

15
phpBB/install/data/new_normalizer.php
View file

@ -1,5 +1,20 @@
<?php <?php
/**
*
* @package install
* @version $Id$
* @copyright (c) 2007 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
exit;
}
/** /**
* A wrapper function for the normalizer which takes care of including the class if required and modifies the passed strings * A wrapper function for the normalizer which takes care of including the class if required and modifies the passed strings

47
phpBB/install/index.php
View file

@ -34,17 +34,17 @@ if (version_compare(PHP_VERSION, '4.3.3') < 0)
function deregister_globals() function deregister_globals()
{ {
$not_unset = array( $not_unset = array(
'GLOBALS' => true, 'GLOBALS' => true,
'_GET' => true, '_GET' => true,
'_POST' => true, '_POST' => true,
'_COOKIE' => true, '_COOKIE' => true,
'_REQUEST' => true, '_REQUEST' => true,
'_SERVER' => true, '_SERVER' => true,
'_SESSION' => true, '_SESSION' => true,
'_ENV' => true, '_ENV' => true,
'_FILES' => true, '_FILES' => true,
'phpEx' => true, 'phpEx' => true,
'phpbb_root_path' => true 'phpbb_root_path' => true
); );
// Not only will array_merge and array_keys give a warning if // Not only will array_merge and array_keys give a warning if
@ -55,8 +55,7 @@ function deregister_globals()
$_SESSION = array(); $_SESSION = array();
} }
// Merge all into one extremely huge array; unset // Merge all into one extremely huge array; unset this later
// this later
$input = array_merge( $input = array_merge(
array_keys($_GET), array_keys($_GET),
array_keys($_POST), array_keys($_POST),
@ -71,8 +70,26 @@ function deregister_globals()
{ {
if (isset($not_unset[$varname])) if (isset($not_unset[$varname]))
{ {
// Hacking attempt. No point in continuing. // Hacking attempt. No point in continuing unless it's a COOKIE
exit; if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS']))
{
exit;
}
else
{
$cookie = &$_COOKIE;
while (isset($cookie['GLOBALS']))
{
foreach ($cookie['GLOBALS'] as $registered_var => $value)
{
if (!isset($not_unset[$registered_var]))
{
unset($GLOBALS[$registered_var]);
}
}
$cookie = &$cookie['GLOBALS'];
}
}
} }
unset($GLOBALS[$varname]); unset($GLOBALS[$varname]);