/**
 * Entry point: configure and start the session, read the request
 * parameters, refresh cached data in the session and render one page.
 *
 * Session keys written or cleared here: CREATED, not_go_daddy,
 * latest_version, loader_platform_info, loader_version_info and
 * php_compilers_info. The function ends the script with exit(0).
 *
 * @return void
 */
function run()
{
    unregister_globals();

    // Session ini settings are applied before the session is started.
    ini_set('session.cache_expire', 1);
    if (is_php_version_or_greater(4, 3, 0)) {
        // Take the session id from the cookie only, never from the URL.
        ini_set('session.use_only_cookies', 1);
    }
    ini_set('session.cookie_lifetime', 1);
    @session_start();

    // Stamp a new session; drop one that is older than the configured lifetime.
    if (isset($_SESSION['CREATED'])) {
        $session_age = time() - $_SESSION['CREATED'];
        if ($session_age > SESSION_LIFETIME_MINUTES * 60) {
            // NOTE(review): the session id is not regenerated here, and
            // CREATED is only set again on a later request - confirm intended.
            session_destroy();
            $_SESSION = array();
        }
    } else {
        $_SESSION['CREATED'] = time();
    }

    if (!isset($_SERVER)) {
        $_SERVER =& $HTTP_SERVER_VARS;
    }

    // Refuse to run from the command line.
    if (php_sapi_name() == 'cli') {
        die("This script should only be run by a web server.\n");
    }

    // Request parameters; any validation done by get_request_parameter()
    // is not visible from this function.
    $page = get_request_parameter('page');
    $host = get_request_parameter('host');
    $clear = get_request_parameter('clear');

    if (!empty($host) && $host == 'ngd') {
        $_SESSION['not_go_daddy'] = 1;
    }

    // A 'clear' request discards everything cached in the session.
    if (!empty($clear)) {
        unset(
            $_SESSION['not_go_daddy'],
            $_SESSION['latest_version'],
            $_SESSION['loader_platform_info'],
            $_SESSION['loader_version_info'],
            $_SESSION['php_compilers_info']
        );
    }

    // Look up the latest version when no usable value is cached.
    $has_cached_version = array_key_exists('latest_version', $_SESSION)
        && isset($_SESSION['latest_version'])
        && $_SESSION['latest_version'] !== false;
    if (!$has_cached_version) {
        $_SESSION['latest_version'] = retrieve_latest_version();
    }

    if (empty($page)) {
        // No page requested: pick the GoDaddy page when a root is detected.
        $root = GoDaddy_root();
        if (empty($root)) {
            default_page();
        } else {
            GoDaddy_page($root);
        }
    } else {
        // NOTE(review): the handler name is built from the request's 'page'
        // value; only the '_page' suffix and function_exists() constrain
        // which function is called. An explicit allow-list of page names
        // would make the set of reachable handlers auditable.
        $handler = $page . '_page';
        if (function_exists($handler)) {
            $handler();
        } else {
            default_page();
        }
    }

    @session_write_close();
    exit(0);
}
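# A. Unsets all global variables set from a superglobal array

/**
 * Remove the global variables that register_globals created from request data.
 *
 * Every argument is the name of a superglobal array ('_GET', '_POST', ...).
 * For each key of that array the same-named entry of $GLOBALS is unset, so a
 * request value can no longer stand in for a script variable. The superglobal
 * arrays themselves and $GLOBALS are never removed.
 *
 * The earlier loop tested the argument positions (0, 1, 2, ...) against
 * $GLOBALS instead of the keys held in each named array, so it removed nothing.
 *
 * Call this before the script defines globals of its own: any global whose
 * name matches a request key is removed, whoever created it.
 *
 * @access private
 * @return void
 */
function unregister_globals()
{
    // Names that must survive even when a request supplies a key of that name.
    $protected = array(
        'GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST',
        '_SERVER', '_ENV', '_FILES', '_SESSION',
    );

    $args = func_get_args();
    foreach ($args as $source) {
        // Skip names that are not populated as arrays in this request.
        if (!is_string($source) || !isset($GLOBALS[$source]) || !is_array($GLOBALS[$source])) {
            continue;
        }
        // Work on a snapshot of the keys; $GLOBALS is modified inside the loop.
        foreach (array_keys($GLOBALS[$source]) as $name) {
            if (in_array($name, $protected, true)) {
                continue;
            }
            if (array_key_exists($name, $GLOBALS)) {
                unset($GLOBALS[$name]);
            }
        }
    }
}

if (ini_get('register_globals')) {
    unregister_globals('_POST', '_GET', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');
    // NOTE(review): register_globals is a per-directory setting, so this
    // ini_set() presumably has no effect at runtime - confirm.
    ini_set('register_globals', 0);
}

# B. removing magic quotes

/**
 * Recursively apply stripslashes() to every value of an array.
 *
 * Nested arrays are processed in depth; keys are left as they are.
 *
 * @access private
 * @param array $array values to strip, possibly nested
 * @return array the same structure with stripslashes() applied to each leaf
 */
function remove_magic_quotes($array)
{
    foreach ($array as $k => $v) {
        $array[$k] = is_array($v) ? remove_magic_quotes($v) : stripslashes($v);
    }
    return $array;
}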
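<?php

// Load the functions script
require PUN_ROOT . 'include/functions.php';

// Reverse the effect of register_globals. This runs before config.php is
// included, so request data cannot pre-set the variables the config defines.
unregister_globals();

// Errors from the include are suppressed; the PUN check below reports a
// missing or broken config instead.
@(include PUN_ROOT . 'config.php');

// If PUN isn't defined, config.php is missing or corrupt
if (!defined('PUN')) {
    exit('The file \'config.php\' doesn\'t exist or is corrupt. Please run <a href="install.php">install.php</a> to install PunBB first.');
}

// Record the start time (will be used to calculate the generation time for the page)
list($usec, $sec) = explode(' ', microtime());
$pun_start = (float) $usec + (float) $sec;

// Make sure PHP reports all errors except E_NOTICE. PunBB supports E_ALL, but a lot of scripts it may interact with, do not.
error_reporting(E_ALL ^ E_NOTICE);

// Turn off magic_quotes_runtime. The function was removed in PHP 7.0, so it
// is only called where it still exists.
if (function_exists('set_magic_quotes_runtime')) {
    set_magic_quotes_runtime(0);
}

// Strip slashes from GET/POST/COOKIE (if magic_quotes_gpc is enabled).
// get_magic_quotes_gpc() was removed in PHP 8.0; without it there is nothing to undo.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    function stripslashes_array($array)
    {
        return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
    }

    $_GET = stripslashes_array($_GET);
    $_POST = stripslashes_array($_POST);
    $_COOKIE = stripslashes_array($_COOKIE);
}

// Seed the random number generator only where PHP does not do it itself
// (before 4.2.0). The float cast keeps just the fractional-second part of
// microtime(), so this seed takes at most 1,000,000 values; overriding PHP's
// automatic seed with it makes mt_rand() output easier to predict. Values
// that must be unguessable (passwords, keys, tokens) should not come from
// mt_rand() at all.
if (version_compare(PHP_VERSION, '4.2.0', '<')) {
    mt_srand((float) microtime() * 1000000);
}

// If a cookie name is not specified in config.php, we use the default (punbb_cookie)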
/**
 * Entry point: start the session, read the request parameters, record the
 * detected server type and render either the initial page or the requested one.
 *
 * Session keys written or cleared here: CREATED, timing_out, initial_run,
 * not_go_daddy, use_ini_method, hostprovider, hosturl and server_type.
 * The function always ends the script with exit.
 *
 * @return void
 */
function run()
{
    unregister_globals();

    if (is_php_version_or_greater(4, 3, 0)) {
        // Take the session id from the cookie only, never from the URL.
        ini_set('session.use_only_cookies', 1);
    }
    $session_ok = @session_start();

    // Older PHP versions do not define PHP_EOL; supply the platform's line ending.
    if (!defined('PHP_EOL')) {
        define('PHP_EOL', is_ms_windows() ? "\r\n" : "\n");
    }

    // Stamp a new session; clear one that is older than the configured lifetime.
    if (isset($_SESSION['CREATED'])) {
        $session_age = time() - $_SESSION['CREATED'];
        if ($session_age > SESSION_LIFETIME_MINUTES * 60) {
            clear_session();
        }
    } else {
        $_SESSION['CREATED'] = time();
    }

    if (!isset($_SERVER)) {
        $_SERVER =& $HTTP_SERVER_VARS;
    }

    // Refuse to run from the command line.
    if (php_sapi_name() == 'cli') {
        die("This script should only be run by a web server.\n");
    }

    // Request parameters; any validation done by get_request_parameter()
    // is not visible from this function.
    $page = get_request_parameter('page');
    $host = get_request_parameter('host');
    $clear = get_request_parameter('clear');
    $ini = get_request_parameter('ini');
    $timeout = get_request_parameter('timeout');

    if ($timeout) {
        $_SESSION['timing_out'] = 1;
        $_SESSION['initial_run'] = 0;
    }

    if (!empty($host) && $host == 'ngd') {
        $_SESSION['not_go_daddy'] = 1;
    }

    if (!empty($ini)) {
        $_SESSION['use_ini_method'] = 1;
    }

    if (empty($clear)) {
        $stype = get_request_parameter('stype');
        $hostprovider = get_request_parameter('hostprovider');
        $hosturl = get_request_parameter('hosturl');
        if (!empty($hostprovider)) {
            // NOTE(review): both values are stored as received from the
            // request; whatever renders them later must escape them for
            // its output context - the rendering code is not visible here.
            $_SESSION['hostprovider'] = $hostprovider;
            $_SESSION['hosturl'] = $hosturl;
        }
        // The result is not used here; the call is kept for whatever it records.
        find_server_type($stype, false, true);
    } else {
        // A 'clear' request resets the session and the choices stored in it.
        clear_session();
        unset(
            $_SESSION['not_go_daddy'],
            $_SESSION['use_ini_method'],
            $_SESSION['server_type']
        );
    }

    // First visit with a working session and no page requested: show the
    // initial page and stop.
    $first_visit = $session_ok
        && !$timeout
        && !isset($_SESSION['initial_run'])
        && empty($page);
    if ($first_visit) {
        $_SESSION['initial_run'] = 1;
        initial_page();
        @session_write_close();
        exit;
    }
    $_SESSION['initial_run'] = 0;

    if (empty($_SESSION['server_type'])) {
        $_SESSION['server_type'] = SERVER_UNKNOWN;
    }

    // NOTE(review): the handler name is built from the request's 'page'
    // value; only the '_page' suffix and function_exists() constrain which
    // function is called. An explicit allow-list of page names would make
    // the set of reachable handlers auditable.
    if (empty($page) || !function_exists($page . '_page')) {
        $page = get_default_page();
    }
    $handler = $page . '_page';
    $handler();

    @session_write_close();
    exit(0);
}
/**
 * Entry point: start the session, read the request parameters, refresh the
 * values cached in the session and render one page.
 *
 * Session keys written or cleared here: CREATED, not_go_daddy,
 * use_ini_method, server_type, latest_version, loader_platform_info,
 * loader_version_info and php_compilers_info. The function ends the script
 * with exit(0).
 *
 * @return void
 */
function run()
{
    unregister_globals();

    if (is_php_version_or_greater(4, 3, 0)) {
        // Take the session id from the cookie only, never from the URL.
        ini_set('session.use_only_cookies', 1);
    }
    @session_start();

    if (isset($_SESSION['CREATED'])) {
        $session_age = time() - $_SESSION['CREATED'];
        if ($session_age > SESSION_LIFETIME_MINUTES * 60) {
            // Carry the user's choices over the expiry; everything else is dropped.
            $carry_over = array(
                'not_go_daddy' => empty($_SESSION['not_go_daddy']) ? 0 : 1,
                'use_ini_method' => empty($_SESSION['use_ini_method']) ? 0 : 1,
                'server_type' => empty($_SESSION['server_type'])
                    ? SERVER_UNKNOWN
                    : $_SESSION['server_type'],
            );
            // NOTE(review): session_destroy() ends the active session and no
            // session_start() follows, so the carried-over values appear to
            // last only for this request; CREATED is not reset and the
            // session id is not regenerated - confirm this is intended.
            session_destroy();
            $_SESSION = $carry_over;
        }
    } else {
        $_SESSION['CREATED'] = time();
    }

    if (!isset($_SERVER)) {
        $_SERVER =& $HTTP_SERVER_VARS;
    }

    // Refuse to run from the command line.
    if (php_sapi_name() == 'cli') {
        die("This script should only be run by a web server.\n");
    }

    // Request parameters; any validation done by get_request_parameter()
    // is not visible from this function.
    $page = get_request_parameter('page');
    $host = get_request_parameter('host');
    $clear = get_request_parameter('clear');
    $ini = get_request_parameter('ini');

    if (!empty($host) && $host == 'ngd') {
        $_SESSION['not_go_daddy'] = 1;
    }

    if (!empty($ini)) {
        $_SESSION['use_ini_method'] = 1;
    }

    // A 'clear' request discards the cached data and the stored choices.
    if (!empty($clear)) {
        unset(
            $_SESSION['latest_version'],
            $_SESSION['loader_platform_info'],
            $_SESSION['loader_version_info'],
            $_SESSION['php_compilers_info'],
            $_SESSION['not_go_daddy'],
            $_SESSION['use_ini_method'],
            $_SESSION['server_type']
        );
    }

    if (empty($_SESSION['latest_version'])) {
        $_SESSION['latest_version'] = retrieve_latest_version();
    }

    if (empty($_SESSION['server_type'])) {
        $_SESSION['server_type'] = SERVER_UNKNOWN;
    }

    if (empty($page)) {
        // No page requested: pick the GoDaddy page when a root is detected.
        $root = GoDaddy_root();
        if (empty($root)) {
            default_page();
        } else {
            GoDaddy_page($root);
        }
    } else {
        // NOTE(review): the handler name is built from the request's 'page'
        // value; only the '_page' suffix and function_exists() constrain
        // which function is called. An explicit allow-list of page names
        // would make the set of reachable handlers auditable.
        $handler = $page . '_page';
        if (function_exists($handler)) {
            $handler();
        } else {
            default_page();
        }
    }

    @session_write_close();
    exit(0);
}