/**
 * clean user input
 * <br>
 * Reads one or more global variables by name, undoes magic_quotes
 * escaping where that is enabled, and strips a small set of HTML
 * constructs before handing the values back.
 *
 * Each name is resolved in the global scope (`global ${$var}`), not in a
 * particular superglobal, so under register_globals the value may have come
 * from GET, POST or a cookie — or have been assigned by earlier code. The
 * caller cannot tell which from the result.
 *
 * Security notes:
 * - The filter is a denial list of eight patterns (SCRIPT, FRAME, OBJECT,
 *   META, APPLET, LINK and IFRAME tags, plus double-quoted STYLE="...").
 *   Event-handler attributes, javascript: URLs, single-quoted or unquoted
 *   style attributes and every other tag pass through untouched. The return
 *   value therefore still has to be escaped for its output context
 *   (htmlspecialchars for HTML) and bound as a parameter for SQL; this
 *   function is not a sanitiser.
 * - No filtering happens at all when pnSecAuthAction(0, '::', '::',
 *   ACCESS_ADMIN) returns true — presumably for users holding ACCESS_ADMIN —
 *   so requests processed for administrators carry raw input.
 * - Passing the literal name 'var' would collide with the loop variable
 *   that `global ${$var}` rebinds; avoid it.
 *
 * @param var name of variable to get
 * @param ...
 * @returns string/array
 * @return prepared variable if only one variable passed in, otherwise an
 *         array of prepared variables; nothing (null) as soon as an empty
 *         name is encountered
 */
function pnVarCleanFromInput()
{
    // Denial list of markup removed from every non-empty value.
    $badMarkup = array(
        '|</?\\s*SCRIPT.*?>|si',
        '|</?\\s*FRAME.*?>|si',
        '|</?\\s*OBJECT.*?>|si',
        '|</?\\s*META.*?>|si',
        '|</?\\s*APPLET.*?>|si',
        '|</?\\s*LINK.*?>|si',
        '|</?\\s*IFRAME.*?>|si',
        '|STYLE\\s*=\\s*"[^"]*"|si'
    );
    // preg_replace pads a short replacement list with '', so each match is deleted.
    $removeWith = array('');
    $cleaned = array();

    foreach (func_get_args() as $var) {
        // Bind the named global into this scope (creates it as null if absent).
        global ${$var};

        // An empty name aborts the whole call and returns nothing.
        if (empty($var)) {
            return;
        }

        $value = ${$var};

        // Unset (null) or otherwise empty values go back untouched: there is
        // nothing to unescape and nothing to strip.
        if (empty($value)) {
            $cleaned[] = $value;
            continue;
        }

        if (check_magic_quotes()) {
            // pnStripslashes appears to work on its argument by reference
            // (nothing is reassigned here) — confirm against its definition.
            pnStripslashes($value);
        }

        // Holders of ACCESS_ADMIN (as far as can be told from here) skip the
        // filter; everyone else has the denial list applied.
        if (!pnSecAuthAction(0, '::', '::', ACCESS_ADMIN)) {
            // preg_replace yields null on a PCRE error, so an unfilterable
            // value is dropped rather than passed through.
            $value = preg_replace($badMarkup, $removeWith, $value);
        }

        $cleaned[] = $value;
    }

    // One name returns the bare value, several return them in argument order.
    return func_num_args() == 1 ? $cleaned[0] : $cleaned;
}
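/**
 * clean user input
 * <br />
 * Fetches one or more request variables by name, undoes magic_quotes
 * escaping where that is enabled, and strips a small set of HTML
 * constructs before returning them.
 *
 * Lookup order per name: $_REQUEST (skipped when the same name is also a
 * file upload, since PHP < 4.3.0 merged $_FILES into $_REQUEST), then $_GET,
 * $_POST, $_COOKIE and finally $_FILES; an unknown name yields null.
 * Because $_REQUEST is consulted first, which source wins — and whether a
 * cookie can supply the value — follows PHP's variables_order/request_order
 * settings, so callers must not assume a value arrived via a particular
 * method.
 *
 * Security notes:
 * - The filter is a denial list of eight patterns (SCRIPT, FRAME, OBJECT,
 *   META, APPLET, LINK and IFRAME tags, plus double-quoted STYLE="...").
 *   Event-handler attributes, javascript: URLs, single-quoted or unquoted
 *   style attributes and every other tag pass through untouched. The return
 *   value is NOT safe to echo into HTML without context-appropriate escaping
 *   (htmlspecialchars for HTML text/attributes) and is no defence against
 *   SQL injection; use parameterised queries.
 * - Filtering is skipped entirely when pnSecAuthAction(0, '.*', '.*',
 *   ACCESS_ADMIN) succeeds — presumably when the current user holds
 *   ACCESS_ADMIN — so pages rendered for administrators receive raw input.
 *   That matters for reflected / CSRF-driven attacks aimed at admins.
 * - Values taken from $_FILES are returned unfiltered unless the name is in
 *   the always-clean list, in which case the upload metadata array is run
 *   through the same stripping as any other value.
 *
 * @param var $ name of variable to get
 * @param $ ...
 * @return mixed prepared variable if only one variable passed
 *         in, otherwise an array of prepared variables (in argument
 *         order); null as soon as an empty name is encountered
 */
function pnVarCleanFromInput()
{
    // Denial list of markup removed from every filtered value. This is a
    // small blacklist, not an HTML sanitiser (see docblock).
    $search = array(
        '|</?\\s*SCRIPT.*?>|si',
        '|</?\\s*FRAME.*?>|si',
        '|</?\\s*OBJECT.*?>|si',
        '|</?\\s*META.*?>|si',
        '|</?\\s*APPLET.*?>|si',
        '|</?\\s*LINK.*?>|si',
        '|</?\\s*IFRAME.*?>|si',
        '|STYLE\\s*=\\s*"[^"]*"|si'
    );
    // preg_replace pads a short replacement list with '', so each match is deleted.
    $replace = array('');

    // Names that are filtered regardless of which superglobal supplied them
    // (including $_FILES). Loop-invariant, so built once.
    $alwaysclean = array('name', 'module', 'type', 'file', 'authid');

    // magic_quotes_gpc has been a no-op since PHP 5.4 and the function was
    // removed in PHP 8.0; guard the call so this file keeps loading on
    // current runtimes. The setting is per-process, so evaluate it once.
    $stripSlashes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    $resarray = array();

    foreach (func_get_args() as $var) {
        // Preserved behaviour: an empty name aborts the whole call and
        // returns null, discarding any values already collected.
        if (empty($var)) {
            return;
        }

        // Locate the value. $_FILES entries are left untouched unless the
        // name is in $alwaysclean.
        $cleanse = false;
        if (isset($_REQUEST[$var]) && !isset($_FILES[$var])) {
            $ourvar = $_REQUEST[$var];
            $cleanse = true;
        } elseif (isset($_GET[$var])) {
            $ourvar = $_GET[$var];
            $cleanse = true;
        } elseif (isset($_POST[$var])) {
            $ourvar = $_POST[$var];
            $cleanse = true;
        } elseif (isset($_COOKIE[$var])) {
            $ourvar = $_COOKIE[$var];
            $cleanse = true;
        } elseif (isset($_FILES[$var])) {
            $ourvar = $_FILES[$var];
        } else {
            $ourvar = null;
        }

        // Strict comparison: a loose in_array would let a boolean true or
        // (pre-PHP 8) a numeric value match a string entry.
        if (in_array($var, $alwaysclean, true)) {
            $cleanse = true;
        }

        if ($cleanse) {
            if ($stripSlashes) {
                // pnStripslashes appears to modify its argument in place
                // (nothing is reassigned here) — confirm against its definition.
                pnStripslashes($ourvar);
            }

            // With no security parameters passed, this is a plain "does the
            // current user hold ACCESS_ADMIN" check (as far as can be told
            // from here); admins bypass the filter, everyone else is filtered.
            if (!pnSecAuthAction(0, '.*', '.*', ACCESS_ADMIN)) {
                // preg_replace returns null on a PCRE error, so an unfilterable
                // value is dropped rather than passed through.
                // NOTE(review): for an $alwaysclean name resolved from $_FILES
                // this runs over the upload metadata array; nested arrays
                // (multi-file uploads) would be stringified to "Array" —
                // confirm whether that case can occur for these names.
                $ourvar = preg_replace($search, $replace, $ourvar);
            }
        }

        $resarray[] = $ourvar;
    }

    // One name returns the bare value, several return them in argument order.
    if (func_num_args() == 1) {
        return $resarray[0];
    }
    return $resarray;
}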