authorDavid M <davidmj@users.sourceforge.net>2006-03-06 23:45:21 +0000
committerDavid M <davidmj@users.sourceforge.net>2006-03-06 23:45:21 +0000
commit91720e826f14130485ccc306a93e5dd0fbf2946f (patch)
treeb5238c4c1f0f0b7a31f790d7035c76f90d27a214 /phpBB/common.php
parent21f3fbc4be201a4fa277e65d30e694f0f75cb6ff (diff)
Weee! My turn to bug things up :D
- A moved topic has _two_ forum_ids, we must update the tracking info on the "fake" forum and the "real" forum. - Welcome back to register_globals! :P git-svn-id: file:///svn/phpbb/trunk@5608 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/common.php')
-rw-r--r--phpBB/common.php37
1 files changed, 34 insertions, 3 deletions
diff --git a/phpBB/common.php b/phpBB/common.php
index 6822d8f72a..c5ef578231 100644
--- a/phpBB/common.php
+++ b/phpBB/common.php
@@ -27,13 +27,44 @@ error_reporting(E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitia
//error_reporting(E_ALL);
set_magic_quotes_runtime(0);
+// Protect against GLOBALS tricks
+if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']))
+{
+ exit;
+}
+
+// Protect against _SESSION tricks
+if (isset($_SESSION) && !is_array($_SESSION))
+{
+ exit;
+}
+
// Be paranoid with passed vars
-if (@ini_get('register_globals'))
+if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
{
- foreach ($_REQUEST as $var_name => $void)
+ $not_unset = array('_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_SESSION', '_ENV', '_FILES', 'phpEx', 'phpbb_root_path');
+
+ // Not only will array_merge give a warning if a parameter
+ // is not an array, it will actually fail. So we check if
+ // _SESSION has been initialised.
+ if (!isset($_SESSION) || !is_array($_SESSION))
{
- unset(${$var_name});
+ $_SESSION = array();
}
+
+ // Merge all into one extremely huge array; unset
+ // this later
+ $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_SESSION, $_ENV, $_FILES);
+
+ foreach ($input as $varname => $void)
+ {
+ if (!in_array($varname, $not_unset))
+ {
+ unset(${$varname});
+ }
+ }
+
+ unset($input);
}
if (defined('IN_CRON'))
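Review bot: The new guard at `if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')` only recognises two spellings, but PHP's ini parser also treats `yes` and `true` as enabled, so a php.ini using either of those silently skips the whole cleanup and leaves register_globals untouched; the replacement check is `if (in_array(strtolower(@ini_get('register_globals')), array('1', 'on', 'yes', 'true'), true))` (or simply run the unset loop unconditionally, since it is harmless when register_globals is off). Separately, `in_array($varname, $not_unset)` in the loop is non-strict, and `array_merge` renumbers numeric keys from 0, so a request parameter with a numeric name compares loosely equal to every string in `$not_unset` on this PHP version and is never unset; pass `true` as the third argument. Whitelisting `phpEx` and `phpbb_root_path` means a request-injected value for either survives unless the including script assigns it before requiring common.php — worth a comment at the `$not_unset` line stating that every entry point must do so.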