public function __construct() { if (get_magic_quotes_runtime()) { @set_magic_quotes_runtime(0); } if (get_magic_quotes_gpc()) { $_POST = $this->strip_slashes($_POST); $_GET = $this->strip_slashes($_GET); $_SESSION = $this->strip_slashes($_SESSION); $_COOKIE = $this->strip_slashes($_COOKIE); } if (defined('XIAOCMS_ADMIN') || defined('XIAOCMS_MEMBER')) { define('SITE_PATH', self::get_a_url()); } else { define('SITE_PATH', self::get_base_url()); } if (!is_file(XIAOCMS_PATH . 'data/install.lock')) { self::redirect(url('install/index')); } if (is_file(XIAOCMS_PATH . 'member' . DIRECTORY_SEPARATOR . 'index.php')) { define('XIAOCMS_MEMBER', XIAOCMS_PATH . 'member' . DIRECTORY_SEPARATOR); } $this->db = xiaocms::load_class('Model'); $this->view = xiaocms::load_class('view'); $this->cookie = xiaocms::load_class('cookie'); $this->session = xiaocms::load_class('session'); $this->site_config = xiaocms::load_config('config'); $this->category_cache = get_cache('category'); $this->content_model = get_cache('content_model'); $this->member_info = self::get_member_info(); $this->view->assign(array('cats' => $this->category_cache, 'member' => $this->member_info, 'site_url' => self::get_http_host() . SITE_PATH, 'site_name' => $this->site_config['site_name'], 'page' => (int) self::get('page') ? (int) self::get('page') : 1, 'site_template' => SITE_PATH . basename(TEMPLATE_DIR) . '/' . basename(SYS_THEME_DIR) . '/')); }
function db_query($sql) { global $db_debug; global $db_conn; if ($db_debug) { dump($sql); } try { $r = $db_conn->query($sql); } catch (PDOException $e) { die($e->getMessage()); } $rows = $r->fetchAll(PDO::FETCH_ASSOC); if (!$rows) { return false; } if (get_magic_quotes_runtime()) { foreach ($rows as $row) { foreach ($row as $k => &$v) { $v = stripslashes($v); } } } return $rows; }
/** * Renders the view. * * @return string (X)HTML * * @global array The paths of system files and folders. * @global array The configuration of the plugins. * @global array The localization of the core. * @global array The localization of the plugins. */ public function render() { global $pth, $plugin_cf, $tx, $plugin_tx; $phpVersion = '5.3.0'; $ptx = $plugin_tx['advancedform']; $imgdir = $pth['folder']['plugins'] . 'advancedform/images/'; $ok = tag('img src="' . $imgdir . 'ok.png" alt="ok"'); $warn = tag('img src="' . $imgdir . 'warn.png" alt="warning"'); $fail = tag('img src="' . $imgdir . 'fail.png" alt="failure"'); $o = tag('hr') . '<h4>' . $ptx['syscheck_title'] . '</h4>' . (version_compare(PHP_VERSION, $phpVersion) >= 0 ? $ok : $fail) . ' ' . sprintf($ptx['syscheck_phpversion'], $phpVersion) . tag('br') . tag('br') . PHP_EOL; foreach (array('ctype', 'mbstring', 'pcre', 'session', 'spl') as $ext) { $o .= (extension_loaded($ext) ? $ok : $fail) . ' ' . sprintf($ptx['syscheck_extension'], $ext) . tag('br') . PHP_EOL; } $o .= tag('br') . (strtoupper($tx['meta']['codepage']) == 'UTF-8' ? $ok : $warn) . ' ' . $ptx['syscheck_encoding'] . tag('br') . PHP_EOL; $o .= (!get_magic_quotes_runtime() ? $ok : $warn) . ' ' . $ptx['syscheck_magic_quotes'] . tag('br') . PHP_EOL; $filename = $pth['folder']['plugins'] . 'jquery/jquery.inc.php'; $o .= (file_exists($filename) ? $ok : $fail) . ' ' . $ptx['syscheck_jquery'] . tag('br') . PHP_EOL; $filename = $pth['folder']['plugins'] . $plugin_cf['advancedform']['captcha_plugin'] . '/captcha.php'; $o .= (file_exists($filename) ? $ok : $warn) . ' ' . $ptx['syscheck_captcha_plugin'] . tag('br') . tag('br') . PHP_EOL; foreach (array('config/', 'css/', 'languages/') as $folder) { $folders[] = $pth['folder']['plugins'] . 'advancedform/' . $folder; } $folders[] = Data::folder(); foreach ($folders as $folder) { $o .= (is_writable($folder) ? $ok : $warn) . ' ' . sprintf($ptx['syscheck_writable'], $folder) . tag('br') . PHP_EOL; } return $o; }
function session($configfile) { if (get_magic_quotes_runtime()) { set_magic_quotes_runtime(0); } $ini = readINIfile("" . $configfile . "", ";"); // dabei ist ; das zeichen für einen kommentar. kann geändert werden. for ($i = 0; $i <= 7; $i++) { $_SESSION["color_ch" . $i] = $ini['plotter']['color_ch' . $i]; $_SESSION["temp_min" . $i] = $ini['temp_min']['temp_min' . $i]; $_SESSION["temp_max" . $i] = $ini['temp_max']['temp_max' . $i]; $_SESSION["ch_name" . $i] = $ini['ch_name']['ch_name' . $i]; $_SESSION["alert" . $i] = $ini['web_alert']['ch' . $i]; $_SESSION["ch_show" . $i] = $ini['ch_show']['ch' . $i]; } $_SESSION["plot_start"] = $ini['ToDo']['plot_start']; $_SESSION["plotname"] = $ini['plotter']['plotname']; $_SESSION["plotsize"] = $ini['plotter']['plotsize']; $_SESSION["plotbereich_min"] = $ini['plotter']['plotbereich_min']; $_SESSION["plotbereich_max"] = $ini['plotter']['plotbereich_max']; $_SESSION["keybox"] = $ini['plotter']['keybox']; $_SESSION["keyboxframe"] = $ini['plotter']['keyboxframe']; $_SESSION["pit_on"] = $ini['ToDo']['pit_on']; $_SESSION["pit_ch"] = $ini['Pitmaster']['pit_ch']; $_SESSION["webcam_start"] = $ini['webcam']['webcam_start']; $_SESSION["current_temp"] = $ini['filepath']['current_temp']; $_SESSION["pitmaster"] = $ini['filepath']['pitmaster']; if (!isset($_SESSION["websoundalert"])) { $_SESSION["websoundalert"] = "True"; } }
/** * Send a download. * * @since 0.1.0 * * @param string $file An absolute file path. */ function satispress_send_file($file) { @session_write_close(); if (function_exists('apache_setenv')) { @apache_setenv('no-gzip', 1); } if (get_magic_quotes_runtime()) { @set_magic_quotes_runtime(0); } @ini_set('zlib.output_compression', 'Off'); @set_time_limit(0); @ob_end_clean(); if (ob_get_level()) { @ob_end_clean(); // Zip corruption fix. } nocache_headers(); header('Robots: none'); header('Content-Type: application/force-download'); header('Content-Description: File Transfer'); header('Content-Disposition: attachment; filename="' . basename($file) . '";'); header('Content-Transfer-Encoding: binary'); if ($size = @filesize($file)) { header('Content-Length: ' . $size); } @readfile_chunked($file) or wp_die(__('File not found', 'satispress')); exit; }
public function main() { $info = array('操作系统' => PHP_OS, '运行环境' => $_SERVER["SERVER_SOFTWARE"], 'PHP运行方式' => php_sapi_name(), 'ThinkPHP版本' => THINK_VERSION . ' [ <a href="http://thinkphp.cn" target="_blank">查看最新版本</a> ]', '上传附件限制' => ini_get('upload_max_filesize'), '执行时间限制' => ini_get('max_execution_time') . '秒', '服务器时间' => date("Y年n月j日 H:i:s"), '北京时间' => gmdate("Y年n月j日 H:i:s", time() + 8 * 3600), '服务器域名/IP' => $_SERVER['SERVER_NAME'] . ' [ ' . gethostbyname($_SERVER['SERVER_NAME']) . ' ]', '剩余空间' => round(@disk_free_space(".") / (1024 * 1024), 2) . 'M', 'register_globals' => get_cfg_var("register_globals") == "1" ? "ON" : "OFF", 'magic_quotes_gpc' => 1 === get_magic_quotes_gpc() ? 'YES' : 'NO', 'magic_quotes_runtime' => 1 === get_magic_quotes_runtime() ? 'YES' : 'NO'); $this->assign('info1', $info); // dump($info); $this->display(); }
/** * Returns the requirements information view. * * @return string The (X)HTML. */ function Syntaxhighlighter_systemCheck() { // RELEASE-TODO global $pth, $tx, $plugin_tx; define('SYNTAXHIGHLIGHTER_PHP_VERSION', '4.0.7'); $ptx = $plugin_tx['syntaxhighlighter']; $imgdir = $pth['folder']['plugins'] . 'syntaxhighlighter/images/'; $ok = tag('img src="' . $imgdir . 'ok.png" alt="ok"'); $warn = tag('img src="' . $imgdir . 'warn.png" alt="warning"'); $fail = tag('img src="' . $imgdir . 'fail.png" alt="failure"'); $o = '<h4>' . $ptx['syscheck_title'] . '</h4>' . (version_compare(PHP_VERSION, SYNTAXHIGHLIGHTER_PHP_VERSION) >= 0 ? $ok : $fail) . ' ' . sprintf($ptx['syscheck_phpversion'], SYNTAXHIGHLIGHTER_PHP_VERSION) . tag('br') . "\n"; foreach (array('pcre') as $ext) { $o .= (extension_loaded($ext) ? $ok : $fail) . ' ' . sprintf($ptx['syscheck_extension'], $ext) . tag('br') . "\n"; } $o .= (!get_magic_quotes_runtime() ? $ok : $fail) . ' ' . $ptx['syscheck_magic_quotes'] . tag('br') . tag('br') . "\n"; $o .= (strtoupper($tx['meta']['codepage']) == 'UTF-8' ? $ok : $fail) . ' ' . $ptx['syscheck_encoding'] . tag('br') . "\n"; $folders = array(); foreach (array('config/', 'css/', 'languages/') as $folder) { $folders[] = $pth['folder']['plugins'] . 'syntaxhighlighter/' . $folder; } foreach ($folders as $folder) { $o .= (is_writable($folder) ? $ok : $warn) . ' ' . sprintf($ptx['syscheck_writable'], $folder) . tag('br') . "\n"; } return $o; }
function escape($string) { if (get_magic_quotes_runtime()) { $string = stripslashes($string); } return @mysql_real_escape_string($string, $this->link_id); }
function get_table_def_mysql($table, $crlf) { global $drop, $db; $schema_create = ""; $field_query = "SHOW FIELDS FROM {$table}"; $key_query = "SHOW KEYS FROM {$table}"; // // If the user has selected to drop existing tables when doing a restore. // Then we add the statement to drop the tables.... // if ($drop == 1) { $schema_create .= "DROP TABLE IF EXISTS {$table};{$crlf}"; } $schema_create .= "CREATE TABLE {$table}({$crlf}"; // Ok lets grab the fields... $result = $db->sql_query($field_query); while ($row = $db->sql_fetchrow($result)) { $schema_create .= ' ' . $row['Field'] . ' ' . $row['Type']; if (!empty($row['Default'])) { $schema_create .= ' DEFAULT \'' . $row['Default'] . '\''; } if ($row['Null'] != 'YES') { $schema_create .= ' NOT NULL'; } if ($row['Extra'] != '') { $schema_create .= ' ' . $row['Extra']; } $schema_create .= ",{$crlf}"; } // Drop the last ',$crlf' off ;) $schema_create = preg_replace('/,' . $crlf . '$/', '', $schema_create); // Get any Indexed fields from the database... $result = $db->sql_query($key_query); while ($row = $db->sql_fetchrow($result)) { $kname = $row['Key_name']; if ($kname != 'PRIMARY' && $row['Non_unique'] == 0) { $kname = "UNIQUE|{$kname}"; } if (!is_array($index[$kname])) { $index[$kname] = array(); } $index[$kname][] = $row['Column_name']; } while (list($x, $columns) = @each($index)) { $schema_create .= ", {$crlf}"; if ($x == 'PRIMARY') { $schema_create .= ' PRIMARY KEY (' . implode($columns, ', ') . ')'; } elseif (substr($x, 0, 6) == 'UNIQUE') { $schema_create .= ' UNIQUE ' . substr($x, 7) . ' (' . implode($columns, ', ') . ')'; } else { $schema_create .= ' KEY ' . $x . '(' . implode($columns, ', ') . ')'; } } $schema_create .= "{$crlf});"; if (get_magic_quotes_runtime()) { return stripslashes($schema_create); } else { return $schema_create; } }
function MagicQuotesRuntimeSetting() { @ini_set("magic_quotes_runtime", 0); if (version_compare('5.4', PHP_VERSION, '>') && function_exists('set_magic_quotes_runtime') && get_magic_quotes_runtime()) { @set_magic_quotes_runtime(false); } }
function un_quoting_run($str) { if (!get_magic_quotes_runtime()) { return stripslashes($str); } return $str; }
public function main() { $count = array(); $article = M('article'); $type = M('type'); $link = M('link'); $hd = M('flash'); $ping = M('pl'); $guest = M('guestbook'); $count['article'] = $article->count(); //文章总数 $count['narticle'] = $article->where('status=0')->count(); //未审核文章总数 $count['guestbook'] = $guest->count(); //留言总数 $count['nguestbook'] = $guest->where('status=0')->count(); //未审核留言总数 $count['type'] = $type->count(); //栏目总数 $count['link'] = $link->count(); //链接总数 $count['hd'] = $hd->count(); //幻灯总数 $count['ping'] = $ping->count(); //评论总数 $count['nping'] = $ping->where('status=0')->count(); //未审核评论 $this->assign('count', $count); unset($article, $type, $link, $hd, $ping, $guest); $info = array('操作系统' => PHP_OS, '运行环境' => $_SERVER["SERVER_SOFTWARE"], 'PHP运行方式' => php_sapi_name(), '上传附件限制' => ini_get('upload_max_filesize'), '执行时间限制' => ini_get('max_execution_time') . '秒', '服务器时间' => date("Y年n月j日 H:i:s"), '北京时间' => gmdate("Y年n月j日 H:i:s", time() + 8 * 3600), '服务器域名/IP' => $_SERVER['SERVER_NAME'] . ' [ ' . gethostbyname($_SERVER['SERVER_NAME']) . ' ]', '剩余空间' => round(@disk_free_space(".") / (1024 * 1024), 2) . 'M', 'register_globals' => get_cfg_var("register_globals") == "1" ? "ON" : "OFF", 'magic_quotes_gpc' => 1 === get_magic_quotes_gpc() ? 'YES' : 'NO', 'magic_quotes_runtime' => 1 === get_magic_quotes_runtime() ? 'YES' : 'NO'); $this->assign('info', $info); $this->display('main'); }
public static function sds_init_error_warning() { if ((int) Configuration::get('config_maintenance') == 1) { echo "<div class='alert alert-warning'>Maintenance mode is enabled. This may cause functional problem at your slider revolution module.</div>"; if (!in_array(Tools::getRemoteAddr(), explode(',', Configuration::get('PS_MAINTENANCE_IP')))) { echo "<div class='alert alert-warning'>It's seemed that your IP is not present in Maintenance IP.</div>"; } } if (get_magic_quotes_gpc()) { echo "<div class='alert alert-warning'>magic_quotes_gpc is enabled. This may cause functional problem at your slider revolution module. Please disable magic_quotes_gpc.</div>"; } if (get_magic_quotes_runtime()) { echo "<div class='alert alert-warning'>magic_quotes_runtime is enabled. This may cause functional problem at your slider revolution module. Please disable magic_quotes_runtime.</div>"; } if (!defined('ABSPATH')) { echo "<div class='alert alert-warning'>Fatal Error: 'ABSPATH' isn't defined.</div>"; return; } if (!is_writable(ABSPATH . '/uploads')) { echo "<div class='alert alert-warning'>'" . ABSPATH . "/uploads' folder is not writeable. Change the folder permission.</div>"; } if (!is_writable(ABSPATH . '/rs-plugin/css')) { echo "<div class='alert alert-warning'>'" . ABSPATH . "/rs-plugin/css' folder is not writeable. Change the folder permission.</div>"; } // if(!is_executable(ABSPATH.'/rs-plugin/fileuploader/uploadify.php')){ // echo "<div class='alert alert-warning'>'".ABSPATH."/rs-plugin/fileuploader/uploadify.php' file is not executable. Change the file permission.</div>"; // } if (!is_writable(ABSPATH . '/cache')) { echo "<div class='alert alert-warning'>'" . ABSPATH . "/cache' folder is not writeable. Change the folder permission.</div>"; } }
function Pommo_Db($username = NULL, $password = NULL, $database = NULL, $hostname = NULL, $tablePrefix = NULL) { // turn off magic quotes runtime if (get_magic_quotes_runtime()) { if (!set_magic_quotes_runtime(0)) { Pommo::kill('Could not turn off PHP\'s magic_quotes_runtime'); } } $this->_prefix = $tablePrefix; $this->_database = $database; $this->table = array('config' => '`' . $tablePrefix . 'config`', 'fields' => '`' . $tablePrefix . 'fields`', 'group_rules' => '`' . $tablePrefix . 'group_rules`', 'groups' => '`' . $tablePrefix . 'groups`', 'mailing_notices' => '`' . $tablePrefix . 'mailing_notices`', 'mailing_current' => '`' . $tablePrefix . 'mailing_current`', 'mailings' => '`' . $tablePrefix . 'mailings`', 'scratch' => '`' . $tablePrefix . 'scratch`', 'subscriber_data' => '`' . $tablePrefix . 'subscriber_data`', 'subscriber_pending' => '`' . $tablePrefix . 'subscriber_pending`', 'subscriber_update' => '`' . $tablePrefix . 'subscriber_update`', 'subscribers' => '`' . $tablePrefix . 'subscribers`', 'templates' => '`' . $tablePrefix . 'templates`', 'queue' => '`' . $tablePrefix . 'queue`', 'updates' => '`' . $tablePrefix . 'updates`'); $this->_dieOnQuery = TRUE; $this->_debug = FALSE; $this->_results = array(); // connect to mysql database using config variables from poMMo class (set in setup/config.php). // supress errors to hide login information... $this->_link = mysql_connect($hostname, $username, $password); if (!$this->_link) { Pommo::kill(Pommo::_T('Could not establish database connection.') . ' ' . Pommo::_T('Verify your settings in config.php')); } if (!@mysql_select_db($database, $this->_link)) { Pommo::kill(sprintf(Pommo::_T('Connected to database server but could not select database (%s). Does it exist?'), $database) . ' ' . Pommo::_T('Verify your settings in config.php')); } // Make sure any results we retrieve or commands we send use the same charset and collation as the database: // code taken from Juliette Reinders Folmer; http://www.adviesenzo.nl/examples/php_mysql_charset_fix/ // TODO: Cache the charset? $db_charset = mysql_query("SHOW VARIABLES LIKE 'character_set_database'", $this->_link); $charset_row = mysql_fetch_assoc($db_charset); mysql_query("SET NAMES '" . $charset_row['Value'] . "'", $this->_link); unset($db_charset, $charset_row); // setup safeSQL class $this->_safeSQL = new SafeSQL_MySQL($this->_link); }
public function main() { //$upyun_img = $this->createImgUpYun(); $info = array('操作系统' => PHP_OS, '运行环境' => $_SERVER["SERVER_SOFTWARE"], 'PHP运行方式' => php_sapi_name(), '上传附件限制' => ini_get('upload_max_filesize'), '执行时间限制' => ini_get('max_execution_time') . '秒', '服务器时间' => date("Y年n月j日 H:i:s"), '北京时间' => gmdate("Y年n月j日 H:i:s", time() + 8 * 3600), '服务器域名/IP' => $_SERVER['SERVER_NAME'] . ' [ ' . gethostbyname($_SERVER['SERVER_NAME']) . ' ]', '服务器剩余空间' => round(disk_free_space(".") / (1024 * 1024), 2) . 'M', 'register_globals' => get_cfg_var("register_globals") == "1" ? "ON" : "OFF", 'magic_quotes_gpc' => 1 === get_magic_quotes_gpc() ? 'YES' : 'NO', 'magic_quotes_runtime' => 1 === get_magic_quotes_runtime() ? 'YES' : 'NO'); $this->assign('info', $info); $this->display(); }
/** * Sanitizes global GET, POST and COOKIE data. Also takes care of * magic_quotes and register_globals, if they have been enabled. * * @return void */ public function __construct() { // Use XSS clean? $this->use_xss_clean = (bool) Eight::config('core.global_xss_filtering'); if (self::$instance === nil) { // Convert all global variables to UTF-8. $_GET = Input::clean($_GET); $_POST = Input::clean($_POST); $_COOKIE = Input::clean($_COOKIE); $_SERVER = Input::clean($_SERVER); if (PHP_SAPI == 'cli') { // Convert command line arguments $_SERVER['argv'] = Input::clean($_SERVER['argv']); } // magic_quotes_runtime is enabled if (get_magic_quotes_runtime()) { exit('Disable magic_quotes_runtime! It is evil and deprecated: http://php.net/magic_quotes'); } // magic_quotes_gpc is enabled if (get_magic_quotes_gpc()) { exit('Disable magic_quotes_gpc! It is evil and deprecated: http://php.net/magic_quotes'); } // register_globals is enabled if (ini_get('register_globals')) { exit('Disable register_globals! It is evil and deprecated: http://php.net/register_globals'); } if (is_array($_GET)) { foreach ($_GET as $key => $val) { // Sanitize $_GET $_GET[$this->clean_input_keys($key)] = $this->clean_input_data($val); } } else { $_GET = array(); } if (is_array($_POST)) { foreach ($_POST as $key => $val) { // Sanitize $_POST $_POST[$this->clean_input_keys($key)] = $this->clean_input_data($val); } } else { $_POST = array(); } if (is_array($_COOKIE)) { foreach ($_COOKIE as $key => $val) { // Sanitize $_COOKIE $_COOKIE[$this->clean_input_keys($key)] = $this->clean_input_data($val); } } else { $_COOKIE = array(); } // Create a singleton self::$instance = $this; Eight::log('debug', 'Global GET, POST and COOKIE data sanitized'); } // Assign global vars to request helper vars request::$get = $_GET; request::$post = $_POST; request::$input = array_merge(URI::instance()->segments(2, YES), $_REQUEST); }
function socket_read($byte_count) { $mqr = get_magic_quotes_runtime(); set_magic_quotes_runtime(0); $buffer = fread($this->socket, $byte_count); set_magic_quotes_runtime($mqr); return $buffer; }
/** * Create a new DiskKeyCache with the given $stream for cloning to make * InputByteStreams, and the given $path to save to. * * @param Swift_KeyCache_KeyCacheInputStream $stream * @param string $path to save to */ public function __construct(Swift_KeyCache_KeyCacheInputStream $stream, $path) { $this->_stream = $stream; $this->_path = $path; if (function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime() == 1) { $this->_quotes = true; } }
/** * Constructor. */ public function __construct() { if (version_compare(PHP_VERSION, '5.4.0') < 0) { $this->magicQuotesGpc = @get_magic_quotes_gpc(); $this->magicQuotesRuntime = @get_magic_quotes_runtime(); $this->registerGlobals = @ini_get('register_globals'); } }
/** * Create a new FileByteStream for $path. * * @param string $path * @param boolean $writable if true */ public function __construct($path, $writable = false) { $this->_path = $path; $this->_mode = $writable ? 'w+b' : 'rb'; if (function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime() == 1) { $this->_quotes = true; } }
/** * Check the magic_quotes setting * * @return boolean Enabled/not enabled */ private function checkMagicQuotes() { if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) { $this->throwError('SECURITY WARNING: magic_quotes is enabled! ' . 'Please consider disabling'); } else { return true; } }
function bhi_check_magic_quotes() { if (get_magic_quotes_runtime() == 0 && get_magic_quotes_gpc() == 0) { return true; } else { return false; } }
/** * Wrapper for get_magic_quotes_runtime * * @since version 0.83 * * @return boolean **/ static function get_magic_quotes_runtime() { // Deprecated function(8192): Function get_magic_quotes_runtime() is deprecated if (PHP_VERSION_ID < 50400) { return get_magic_quotes_runtime(); } return 0; }
function insql1($in) { if (get_magic_quotes_runtime()) { return $in; } else { return addslashes($in); } }
/** * Gets the current configuration setting of magic_quotes_gpc. * And gets the current active configuration setting of magic_quotes_runtime */ function c_get_magic_quotes() { if (c_version_compare("5.4.0")) { return (bool) (get_magic_quotes_gpc() || get_magic_quotes_runtime() ? true : false); } else { return false; } }
/** * Check magic quote and disable it */ private function checkMagicQuoteRuntime() { // Check for magic quotes if (get_magic_quotes_runtime()) { // Oh god! Danger. Magic quote deprecated. Sort it out. @set_magic_quotes_runtime(0); } }
/** * Constructor. Sanitizes global data GET, POST and COOKIE data. * Also makes sure those pesty magic quotes and register globals * don't bother us. This is protected because it really only needs * to be run once. * * @return void */ protected function __construct() { if (self::$instance === NULL) { // Check for magic quotes if (get_magic_quotes_runtime()) { // Dear lord!! This is bad and deprected. Sort it out ;) set_magic_quotes_runtime(0); } if (get_magic_quotes_gpc()) { // This is also bad and deprected. See http://php.net/magic_quotes for more information. $this->magic_quotes_gpc = TRUE; } // Check for register globals and prevent security issues from arising. if (ini_get('register_globals')) { if (isset($_REQUEST['GLOBALS'])) { // No no no.. just kill the script here and now exit('Illegal attack on global variable.'); } // Get rid of REQUEST $_REQUEST = array(); // The following globals are standard and shouldn't really be removed $preserve = array('GLOBALS', '_REQUEST', '_GET', '_POST', '_FILES', '_COOKIE', '_SERVER', '_ENV', '_SESSION'); // Same effect as disabling register_globals foreach ($GLOBALS as $key => $value) { if (!in_array($key, $preserve)) { global ${$key}; ${$key} = NULL; unset($GLOBALS[$key], ${$key}); } } } // Sanitize global data if (is_array($_POST)) { foreach ($_POST as $key => $value) { $_POST[$this->clean_input_keys($key)] = $this->clean_input_data($value); } } else { $_POST = array(); } if (is_array($_GET)) { foreach ($_GET as $key => $value) { $_GET[$this->clean_input_keys($key)] = $this->clean_input_data($value); } } else { $_GET = array(); } if (is_array($_COOKIE)) { foreach ($_COOKIE as $key => $value) { $_COOKIE[$this->clean_input_keys($key)] = $this->clean_input_data($value); } } else { $_COOKIE = array(); } // Just make REQUEST a merge of POST and GET. Who really wants cookies in it anyway? $_REQUEST = array_merge($_GET, $_POST); self::$instance = $this; } }
/** * Constructor. * Initialize parser and set parser options. */ function XMLParser() { // magic_quotes_runtime must be disabled for XML parsing $this->magicQuotes = get_magic_quotes_runtime(); if ($this->magicQuotes) { set_magic_quotes_runtime(0); } $this->errors = array(); }
/** * Constructor * Sets up the database connection. * Can pass in the hostname, username, password and database name if you want to. * If you don't it will set up the base class, then you'll have to call Connect yourself. * * @param String $hostname Name of the server to connect to. * @param String $username Username to connect to the server with. * @param String $password Password to connect with. * @param String $databasename Database name to connect to. * * @see Connect * @see GetError * * @return Mixed Returns false if no connection can be made - the error can be fetched by the Error() method. Returns the connection result if it can be made. Will return Null if you don't pass in the connection details. */ function Oci8Db($hostname = '', $username = '', $password = '', $databasename = '') { $this->magic_quotes_runtime_on = get_magic_quotes_runtime(); if ($hostname && $username && $databasename) { $connection = $this->Connect($hostname, $username, $password, $databasename); return $connection; } return null; }
/** * Sanitizes global GET, POST and COOKIE data. Also takes care of * magic_quotes and register_globals, if they have been enabled. * * @return void */ public function __construct() { // Convert all global variables to Kohana charset $_GET = Input::clean($_GET); $_POST = Input::clean($_POST); $_COOKIE = Input::clean($_COOKIE); $_SERVER = Input::clean($_SERVER); if (Kohana::$server_api === 'cli') { // Convert command line arguments $_SERVER['argv'] = Input::clean($_SERVER['argv']); } // Use XSS clean? $this->use_xss_clean = (bool) Kohana::config('core.global_xss_filtering'); if (Input::$instance === NULL) { // magic_quotes_runtime is enabled if (get_magic_quotes_runtime()) { @set_magic_quotes_runtime(0); Kohana_Log::add('debug', 'Disable magic_quotes_runtime! It is evil and deprecated: http://php.net/magic_quotes'); } // magic_quotes_gpc is enabled if (get_magic_quotes_gpc()) { $this->magic_quotes_gpc = TRUE; Kohana_Log::add('debug', 'Disable magic_quotes_gpc! It is evil and deprecated: http://php.net/magic_quotes'); } if (is_array($_GET)) { foreach ($_GET as $key => $val) { // Sanitize $_GET $_GET[$this->clean_input_keys($key)] = $this->clean_input_data($val); } } else { $_GET = array(); } if (is_array($_POST)) { foreach ($_POST as $key => $val) { // Sanitize $_POST $_POST[$this->clean_input_keys($key)] = $this->clean_input_data($val); } } else { $_POST = array(); } if (is_array($_COOKIE)) { foreach ($_COOKIE as $key => $val) { // Ignore special attributes in RFC2109 compliant cookies if ($key == '$Version' or $key == '$Path' or $key == '$Domain') { continue; } // Sanitize $_COOKIE $_COOKIE[$this->clean_input_keys($key)] = $this->clean_input_data($val); } } else { $_COOKIE = array(); } // Create a singleton Input::$instance = $this; Kohana_Log::add('debug', 'Global GET, POST and COOKIE data sanitized'); } }