makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

blah

Browse source 
git-svn-id: file:///svn/phpbb/trunk@5860 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2006-04-29 13:31:32 +00:00
parent 859902ea24
commit b011b84060
1 changed files with 56 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

106
phpBB/common.php
View file

@ -23,8 +23,61 @@ if (!defined('IN_PHPBB'))
$starttime = explode(' ', microtime()); $starttime = explode(' ', microtime());
$starttime = $starttime[1] + $starttime[0]; $starttime = $starttime[1] + $starttime[0];
error_reporting(E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables error_reporting(E_ERROR | E_WARNING | E_PARSE);
//error_reporting(E_ALL);
/*
* Remove variables created by register_globals from the global scope
* Thanks to Matt Kavanagh
*/
function deregister_globals()
{
$not_unset = array(
'GLOBALS' => true,
'_GET' => true,
'_POST' => true,
'_COOKIE' => true,
'_REQUEST' => true,
'_SERVER' => true,
'_SESSION' => true,
'_ENV' => true,
'_FILES' => true,
'phpEx' => true,
'phpbb_root_path' => true
);
// Not only will array_merge and array_keys give a warning if
// a parameter is not an array, array_merge will actually fail.
// So we check if _SESSION has been initialised.
if (!isset($_SESSION) || !is_array($_SESSION))
{
$_SESSION = array();
}
// Merge all into one extremely huge array; unset
// this later
$input = array_merge(
array_keys($_GET),
array_keys($_POST),
array_keys($_COOKIE),
array_keys($_SERVER),
array_keys($_SESSION),
array_keys($_ENV),
array_keys($_FILES)
);
foreach ($input as $varname)
{
if (isset($not_unset[$varname]))
{
// Hacking attempt. No point in continuing.
exit;
}
unset($GLOBALS[$varname]);
}
unset($input);
}
// If we are on PHP >= 6.0.0 we do not need some code // If we are on PHP >= 6.0.0 we do not need some code
if (version_compare(phpversion(), '6.0.0-dev', '>=')) if (version_compare(phpversion(), '6.0.0-dev', '>='))
@ -38,54 +91,7 @@ else
// Be paranoid with passed vars // Be paranoid with passed vars
if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
{ {
// Remove variables created by register_globals from the global scope deregister_globals();
// Thanks to Matt Kavanagh
$not_unset = array(
'GLOBALS' => true,
'_GET' => true,
'_POST' => true,
'_COOKIE' => true,
'_REQUEST' => true,
'_SERVER' => true,
'_SESSION' => true,
'_ENV' => true,
'_FILES' => true,
'phpEx' => true,
'phpbb_root_path' => true
);
// Not only will array_merge and array_keys give a warning if
// a parameter is not an array, array_merge will actually fail.
// So we check if _SESSION has been initialised.
if (!isset($_SESSION) || !is_array($_SESSION))
{
$_SESSION = array();
}
// Merge all into one extremely huge array; unset
// this later
$input = array_merge(
array_keys($_GET),
array_keys($_POST),
array_keys($_COOKIE),
array_keys($_SERVER),
array_keys($_SESSION),
array_keys($_ENV),
array_keys($_FILES)
);
foreach ($input as $varname)
{
if (isset($not_unset[$varname]))
{
// Hacking attempt. No point in continuing.
exit;
}
unset($GLOBALS[$varname]);
}
unset($input);
} }
define('STRIP', (get_magic_quotes_gpc()) ? true : false); define('STRIP', (get_magic_quotes_gpc()) ? true : false);