/** * Determine if a specific method is supported * */ public static function Supported($method) { if (\gp\tool::IniGet('safe_mode')) { return false; } $url_fopen = \gp\tool::IniGet('allow_url_fopen'); $php5 = version_compare(phpversion(), '5.0', '>='); switch ($method) { case 'stream': return $url_fopen && $php5; case 'fopen': return $url_fopen; case 'fsockopen': return function_exists('fsockopen'); } return false; }
/** * Check magic_quotes_sybase and magic_quotes_runtime * */ private function CheckMagic() { global $langmessage; // magic_quotes_sybase $checkValue = !\gp\tool::IniGet('magic_quotes_sybase'); echo '<tr><td>'; echo '<a href="http://php.net/manual/security.magicquotes.disabling.php" target="_blank">'; echo 'Magic Quotes Sybase'; echo '</a>'; echo '</td>'; $this->StatusRow($checkValue, $langmessage['Off'], $langmessage['On']); //magic_quotes_runtime $checkValue = !\gp\tool::IniGet('magic_quotes_runtime'); echo '<tr><td>'; echo '<a href="http://php.net/manual/security.magicquotes.disabling.php" target="_blank">'; echo 'Magic Quotes Runtime'; echo '</a>'; echo '</td>'; $this->StatusRow($checkValue, $langmessage['Off'], $langmessage['On']); }
/** * Test if function exists. Also handles case where function is disabled via Suhosin. * Modified from: http://dev.piwik.org/trac/browser/trunk/plugins/Installation/Controller.php * * @param string $function Function name * @return bool True if function exists (not disabled); False otherwise. */ static function function_exists($function) { $function = strtolower($function); // eval() is a language construct if ($function == 'eval') { // does not check suhosin.executor.eval.whitelist (or blacklist) if (extension_loaded('suhosin') && \gp\tool::IniGet('suhosin.executor.disable_eval')) { return false; } return true; } if (!function_exists($function)) { return false; } $blacklist = @ini_get('disable_functions'); if (extension_loaded('suhosin')) { $blacklist .= ',' . @ini_get('suhosin.executor.func.blacklist'); } $blacklist = explode(',', $blacklist); $blacklist = array_map('trim', $blacklist); $blacklist = array_map('strtolower', $blacklist); if (in_array($function, $blacklist)) { return false; } return true; }
{ defined($var) or define($var, $default); } /** * Fix GPCR if magic_quotes_gpc is on * magic_quotes_gpc is deprecated, but still on by default in many versions of php * */ if (function_exists('get_magic_quotes_gpc') && version_compare(phpversion(), '5.4', '<=') && @get_magic_quotes_gpc()) { fix_magic_quotes($_GET); fix_magic_quotes($_POST); fix_magic_quotes($_COOKIE); fix_magic_quotes($_REQUEST); } //If Register Globals if (\gp\tool::IniGet('register_globals')) { foreach ($_REQUEST as $key => $value) { $key = strtolower($key); if ($key == 'globals' || $key == '_post') { die('Hack attempted.'); } } } function fix_magic_quotes(&$arr) { $new = array(); foreach ($arr as $key => $val) { $key = stripslashes($key); if (is_array($val)) { fix_magic_quotes($val); } else {
/** * Get Addon info for rating * Return true if it can be rated * */ public function CanRate() { $this->GetAddonData(); $arg =& $_REQUEST['arg']; switch ($this->config_index) { case 'themes': $this->GetAddonRateInfoTheme($arg); break; case 'addons': $this->GetAddonRateInfoPlugin($arg); break; default: return false; } if (!\gp\tool::IniGet('allow_url_fopen')) { $this->messages[] = 'Your installation of PHP does not support url fopen wrappers.'; } if (count($this->messages) > 0) { $message = 'Oops, you are currently unable to rate this addon for the following reasons:'; $message .= '<ul>'; $message .= '<li>' . implode('</li><li>', $this->messages) . '</li>'; $message .= '</ul>'; message($message); $this->ShowRatingText = false; return false; } return true; }