[/] [trunk/] [html/] [grab_globals.lib.php] - Blame information for rev 3

 

12simandl<?php
2/* $Id: grab_globals.lib.php,v 2.12 2005/08/14 19:31:55 lem9 Exp $ */
3// vim: expandtab sw=4 ts=4 sts=4:
4 
5 
6/**
7 * This library grabs the names and values of the variables sent or posted to a
8 * script in the $_* arrays and sets simple global variables from them. It does
9 * the same work for the $PHP_SELF, $HTTP_ACCEPT_LANGUAGE and
10 * $HTTP_AUTHORIZATION variables.
11 *
12 * loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
13 */
14 
153simandlinclude ("config.php");
16 
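/**
 * Recursively re-escapes a request value with addslashes().
 *
 * Arrays are walked element by element; their keys are kept as they are and
 * are NOT escaped. Any other value is first stripped of magic-quotes escaping,
 * when that legacy feature is active, and then passed through addslashes().
 *
 * NOTE(security): addslashes() is not a context-aware escape. It does not make
 * a value safe for SQL (use prepared statements or the driver's own escaping
 * at the query site), for HTML output (htmlspecialchars()) or for file paths.
 * The result must still be treated as untrusted input.
 *
 * @param mixed $input Request value: a scalar or a (nested) array of them.
 * @return mixed An array with the same keys for array input, otherwise a string.
 */
function sanitize($input)
{
    if (is_array($input)) {
        // Start from an array. Writing $output[$k] onto the string "" stopped
        // producing an array in PHP 7.1, and an empty input array has to stay
        // an array so that callers can still iterate over the result.
        $output = array();
        foreach ($input as $k => $i) {
            $output[$k] = sanitize($i);
        }
        return $output;
    }

    // get_magic_quotes_gpc() was removed in PHP 8.0; call it only where it exists.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $input = stripslashes($input);
    }

    return addslashes((string) $input);
}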
332simandl 
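// Re-escape every request superglobal with sanitize(). That helper is
// addslashes-based, so the values still have to be escaped for the context in
// which they are finally used (SQL, HTML, file paths).
$_POST = sanitize($_POST);
$_GET = sanitize($_GET);
$_COOKIE = sanitize($_COOKIE);
$_REQUEST = sanitize($_REQUEST);

// Import POST fields as global variables (register_globals emulation).
// Field names are chosen by the client, so a request must not be able to
// replace a superglobal or $this, and names that are not valid identifiers are
// skipped. The reserved list is written inline on purpose: a helper variable
// holding it could itself be overwritten by a POST field of the same name.
// NOTE(security): every other global defined before this point, including
// whatever config.php sets, can still be overwritten by a POST field of the
// same name. An allow-list of the field names each script expects would close
// that gap.
foreach ($_POST as $var => $value) {
    if (!is_string($var) || !preg_match('/^[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*\z/', $var)) {
        continue;
    }
    if (in_array($var, array('GLOBALS', '_SERVER', '_GET', '_POST', '_COOKIE', '_FILES', '_ENV', '_REQUEST', '_SESSION', 'this'), true)) {
        continue;
    }
    ${$var} = $value;
}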
42 
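// Check whether a subform was submitted.
// When one is selected, its fields replace the whole of $_POST and the rest of
// the form is discarded.
$__redirect = NULL;
if (isset($_POST['usesubform'])) {
    // Both 'usesubform' and 'subform' are client-supplied and may have any
    // shape; key() needs an array, and a missing or non-array subform is
    // treated as an empty form instead of leaving a non-array in $_POST.
    $subform_id = is_array($_POST['usesubform']) ? key($_POST['usesubform']) : NULL;
    $subform = array();
    if ($subform_id !== NULL
        && isset($_POST['subform'][$subform_id])
        && is_array($_POST['subform'][$subform_id])) {
        $subform = $_POST['subform'][$subform_id];
    }
    $_POST = $subform;

    // NOTE(security): 'redirect' comes straight from the request and is used
    // further down in this file as the path of a require(); only a string is
    // accepted here, the path itself has to be validated where it is included.
    if (isset($_POST['redirect'])
        && is_string($_POST['redirect'])
        && $_POST['redirect'] !== basename($_SERVER['PHP_SELF'])) {
        $__redirect = $_POST['redirect'];
        unset($_POST['redirect']);
    } // end if ( isset( $_POST['redirect'] ) )
} // end if ( isset( $_POST['usesubform'] ) )
// end check if a subform is submitted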
58 
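// Import uploaded files as globals: $<field> receives the temporary path and
// $<field>_name the file name sent by the client.
// NOTE(security): upload field names are chosen by the client, so names that
// are not valid identifiers or that would replace a superglobal or $this are
// skipped. $_FILES is not passed through sanitize(), and the client-supplied
// file name must never be used as a path without validation.
if (!empty($_FILES)) {
    foreach ($_FILES as $name => $value) {
        if (!is_string($name) || !preg_match('/^[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*\z/', $name)) {
            continue;
        }
        if (in_array($name, array('GLOBALS', '_SERVER', '_GET', '_POST', '_COOKIE', '_FILES', '_ENV', '_REQUEST', '_SESSION', 'this'), true)) {
            continue;
        }
        // Assign the "_name" companion first: a field called "name" or "value"
        // would otherwise overwrite the loop variables before the second
        // assignment reads them.
        ${$name . '_name'} = $value['name'];
        ${$name} = $value['tmp_name'];
    }
} // end if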
65 
// Mirror three $_SERVER entries into globals of the same name. An entry that
// the server did not provide becomes an empty string, unless a global of that
// name is already set, in which case it is left alone.
if (!empty($_SERVER)) {
    $server_vars = array('PHP_SELF', 'HTTP_ACCEPT_LANGUAGE', 'HTTP_AUTHORIZATION');
    foreach ($server_vars as $current) {
        if (isset($_SERVER[$current])) {
            // The server value always wins over an existing global.
            ${$current} = $_SERVER[$current];
            continue;
        }
        if (!isset(${$current})) {
            ${$current} = '';
        }
    }
    // Do not leave the loop helpers behind in the global scope.
    unset($server_vars, $current);
} // end if
77 
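// Security fix: disallow accessing serious server files via "?goto="
// $goto is dropped when it is not a string, when it contains a ".." path
// segment, or when it contains a "/" without starting with "./". The ".."
// test is needed because a "./" prefix alone does not keep the path inside
// the current directory.
// NOTE(review): how $goto is consumed is not visible in this file, and only
// $_POST fields are imported as globals above, so confirm where it is used.
if (isset($goto)) {
    if (!is_string($goto)
        || preg_match('#(^|[\\\\/])\.\.([\\\\/]|\z)#', $goto)
        || (strpos($goto, '/') !== false && substr($goto, 0, 2) !== './')) {
        unset($goto);
    }
} // end if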
82 
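// Hand the request over to the script named by the submitted subform.
// NOTE(security): $__redirect is taken from the request, so it is included
// only when it is a bare "*.php" file name with no directory part; anything
// else ends the request without including a file. This assumes legitimate
// targets are scripts in this directory, as the comparison against
// basename($_SERVER['PHP_SELF']) where the value is read suggests (confirm).
// The pattern still admits every .php file in the directory, so a fixed
// allow-list of script names would be stricter.
if (!empty($__redirect)) {
    if (is_string($__redirect)
        && preg_match('/^[A-Za-z0-9_-]+(\.[A-Za-z0-9_-]+)*\.php\z/', $__redirect)) {
        require('./' . $__redirect);
    }
    exit();
} // end if ( ! empty( $__redirect ) )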
87?>
