jablonka.czprosek.czf

is

Subversion Repositories:
[/] [trunk/] [html/] [grab_globals.lib.php] - Blame information for rev 4

 

Line No. Rev Author Line
12simandl<?php
2/* $Id: grab_globals.lib.php,v 2.12 2005/08/14 19:31:55 lem9 Exp $ */
3// vim: expandtab sw=4 ts=4 sts=4:
4 
5 
6/**
7 * This library grabs the names and values of the variables sent or posted to a
8 * script in the $_* arrays and sets simple globals variables from them. It does
9 * the same work for the $PHP_SELF, $HTTP_ACCEPT_LANGUAGE and
10 * $HTTP_AUTHORIZATION variables.
11 *
12 * loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
13 */
14 
153simandlinclude ("config.php");
16 
17function sanitize($input){
18 $output="";
19 if(is_array($input)){
20 foreach($input as $k=>$i){
21 $output[$k]=sanitize($i);
22 }
232simandl }
243simandl else{
25 if(get_magic_quotes_gpc()){
26 $input=stripslashes($input);
272simandl }
283simandl $output=addslashes($input);
29# echo "$input san $output<br>";
30 }
31 return $output;
32}
332simandl 
343simandl$_POST=sanitize($_POST);
35$_GET=sanitize($_GET);
36$_COOKIE=sanitize($_COOKIE);
37$_REQUEST=sanitize($_REQUEST);
382simandl 
393simandlforeach ($_POST as $var => $value) {
40${"$var"}=$value;
412simandl}
42 
434simandlforeach ($_GET as $var => $value) {
44${"$var"}=$value;
45}
46 
472simandl// check if a subform is submitted
48$__redirect = NULL;
49if ( isset( $_POST['usesubform'] ) ) {
50 // if a subform is present and should be used
51 // the rest of the form is deprecated
52 $subform_id = key( $_POST['usesubform'] );
53 $subform = $_POST['subform'][$subform_id];
54 $_POST = $subform;
55 if ( isset( $_POST['redirect'] )
56 && $_POST['redirect'] != basename( $_SERVER['PHP_SELF'] ) ) {
57 $__redirect = $_POST['redirect'];
58 unset( $_POST['redirect'] );
59 } // end if ( isset( $_POST['redirect'] ) )
60} // end if ( isset( $_POST['usesubform'] ) )
61// end check if a subform is submitted
62 
63if (!empty($_FILES)) {
64 foreach ($_FILES AS $name => $value) {
65 $$name = $value['tmp_name'];
66 ${$name . '_name'} = $value['name'];
67 }
68} // end if
69 
70if (!empty($_SERVER)) {
71 $server_vars = array('PHP_SELF', 'HTTP_ACCEPT_LANGUAGE', 'HTTP_AUTHORIZATION');
72 foreach ($server_vars as $current) {
73 if (isset($_SERVER[$current])) {
74 $$current = $_SERVER[$current];
75 } elseif (!isset($$current)) {
76 $$current = '';
77 }
78 }
79 unset($server_vars, $current);
80} // end if
81 
82// Security fix: disallow accessing serious server files via "?goto="
83if (isset($goto) && strpos(' ' . $goto, '/') > 0 && substr($goto, 0, 2) != './') {
84 unset($goto);
85} // end if
86 
87if ( ! empty( $__redirect ) ) {
88 require('./' . $__redirect);
89 exit();
90} // end if ( ! empty( $__redirect ) )
91?>

Powered by WebSVN 2.2.1