diff options
| author | ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-08-21 17:24:13 +0000 |
|---|---|---|
| committer | ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-08-21 17:24:13 +0000 |
| commit | c5dd69b30761786ca22878222d42f17e920ae8b2 (patch) | |
| tree | ac7770bc2006637bb0926b9f5e8b31ac3b385887 /engine/lib/input.php | |
| parent | b10b63780291e223dc30ece31ea2899ddd8078e1 (diff) | |
| download | elgg-c5dd69b30761786ca22878222d42f17e920ae8b2.tar.gz elgg-c5dd69b30761786ca22878222d42f17e920ae8b2.tar.bz2 | |
Fixed input for people with magic quotes on.
git-svn-id: https://code.elgg.org/elgg/trunk@2037 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib/input.php')
| -rw-r--r-- | engine/lib/input.php | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/engine/lib/input.php b/engine/lib/input.php index 4b36393d8..6312ba191 100644 --- a/engine/lib/input.php +++ b/engine/lib/input.php @@ -142,6 +142,67 @@ }
function input_init() {
+
+ if (ini_get_bool('magic_quotes_gpc') ) {
+
+ //do keys as well, cos array_map ignores them
+ function stripslashes_arraykeys($array) {
+ if (is_array($array)) {
+ $array2 = array();
+ foreach ($array as $key => $data) {
+ if ($key != stripslashes($key)) {
+ $array2[stripslashes($key)] = $data;
+ } else {
+ $array2[$key] = $data;
+ }
+ }
+ return $array2;
+ } else {
+ return $array;
+ }
+ }
+
+ function stripslashes_deep($value) {
+ if (is_array($value)) {
+ $value = stripslashes_arraykeys($value);
+ $value = array_map('stripslashes_deep', $value);
+ } else {
+ $value = stripslashes($value);
+ }
+ return $value;
+ }
+
+ $_POST = stripslashes_arraykeys($_POST);
+ $_GET = stripslashes_arraykeys($_GET);
+ $_COOKIE = stripslashes_arraykeys($_COOKIE);
+ $_REQUEST = stripslashes_arraykeys($_REQUEST);
+
+ $_POST = array_map('stripslashes_deep', $_POST);
+ $_GET = array_map('stripslashes_deep', $_GET);
+ $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
+ $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
+ if (!empty($_SERVER['REQUEST_URI'])) {
+ $_SERVER['REQUEST_URI'] = stripslashes($_SERVER['REQUEST_URI']);
+ }
+ if (!empty($_SERVER['QUERY_STRING'])) {
+ $_SERVER['QUERY_STRING'] = stripslashes($_SERVER['QUERY_STRING']);
+ }
+ if (!empty($_SERVER['HTTP_REFERER'])) {
+ $_SERVER['HTTP_REFERER'] = stripslashes($_SERVER['HTTP_REFERER']);
+ }
+ if (!empty($_SERVER['PATH_INFO'])) {
+ $_SERVER['PATH_INFO'] = stripslashes($_SERVER['PATH_INFO']);
+ }
+ if (!empty($_SERVER['PHP_SELF'])) {
+ $_SERVER['PHP_SELF'] = stripslashes($_SERVER['PHP_SELF']);
+ }
+ if (!empty($_SERVER['PATH_TRANSLATED'])) {
+ $_SERVER['PATH_TRANSLATED'] = stripslashes($_SERVER['PATH_TRANSLATED']);
+ }
+
+ }
+
+
global $CONFIG;
$CONFIG->allowedtags = array(
'address' => array(),
|