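/**
 * Recursively filter a request value before the application uses it.
 *
 * Arrays are walked key by key. Any other value has magic-quote slashes
 * stripped (only where that legacy PHP feature exists and is enabled) and is
 * then handed to cleanInput().
 *
 * Security note: apart from whatever cleanInput() removes (not visible here),
 * nothing in this function escapes for SQL or encodes for HTML. Queries still
 * need bound parameters and templates still need context-aware output
 * encoding; this filter does not replace either.
 *
 * @param mixed $input A scalar or a (nested) array such as a superglobal.
 * @return mixed The filtered value, or false when nothing is left
 *               (empty array, empty string, or a null result).
 */
function sanitizeme($input)
{
    if (is_array($input)) {
        $cleaned = array();
        foreach ($input as $key => $value) {
            $cleaned[$key] = sanitizeme($value);
        }

        // An empty array has always been reported as false; callers may rely on it.
        return $cleaned ? $cleaned : false;
    }

    // get_magic_quotes_gpc() was removed in PHP 8.0, so an unguarded call is a
    // fatal error on every scalar input there. Where the function still exists
    // the behaviour is unchanged.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $input = stripslashes($input);
    }

    $output = cleanInput($input);

    // Loose comparison kept on purpose: '' and null map to false, '0' does not.
    if (isset($output) && $output != '') {
        return $output;
    }

    return false;
}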
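/**
 * Recursively filter a request value before the application uses it.
 *
 * Arrays are walked key by key. Any other value has magic-quote slashes
 * stripped (only where that legacy PHP feature exists and is enabled), is
 * passed through cleanInput(), has HTML tags removed, is HTML-encoded and is
 * finally trimmed.
 *
 * Security notes:
 *  - This function performs NO SQL escaping. An earlier revision carried a
 *    no-op assignment labelled "Prevent SQL Injection"; it protected nothing
 *    and has been removed. Queries must use prepared statements with bound
 *    parameters.
 *  - Values leave this function already HTML-encoded. That only suits an HTML
 *    text context: templates that encode again will double-encode, and values
 *    placed in JavaScript, URLs or file paths need their own handling.
 *  - htmlspecialchars() is called with its default flags; before PHP 8.1 the
 *    default leaves single quotes unencoded.
 *
 * @param mixed $input A scalar or a (nested) array such as a superglobal.
 * @return mixed The filtered value, or false when nothing is left
 *               (empty array or empty string).
 */
function sanitizeme($input)
{
    if (is_array($input)) {
        $cleaned = array();
        foreach ($input as $key => $value) {
            $cleaned[$key] = sanitizeme($value);
        }

        // An empty array has always been reported as false; callers may rely on it.
        return $cleaned ? $cleaned : false;
    }

    // get_magic_quotes_gpc() was removed in PHP 8.0, so an unguarded call is a
    // fatal error on every scalar input there. Where the function still exists
    // the behaviour is unchanged.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $input = stripslashes($input);
    }

    $input = cleanInput($input);
    $input = strip_tags($input);        // Remove HTML tags
    $input = htmlspecialchars($input);  // Encode HTML special characters
    $output = trim($input);             // Same result as the former trim(rtrim(ltrim()))

    // Loose comparison kept on purpose: '' maps to false, '0' does not.
    if (isset($output) && $output != '') {
        return $output;
    }

    return false;
}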
// Make PDO throw exceptions on database errors, then publish the handle
// globally for code that reads $GLOBALS['pdo'].
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$GLOBALS['pdo'] = $pdo;

// Output buffering is started before the FirePHP debugging library is loaded.
// NOTE(review): FirePHP is a debugging aid, presumably sending its data in
// response headers (hence the buffer) - confirm it is disabled or not shipped
// in production, where debug output could expose internals.
ob_start();
include 'includes/FirePHPCore/fb.php';

/*
 * Load the Settings class
 */
require_once 'Settings_class.php';
$settings = new Settings($pdo);
$settings->load();

/*
 * Common functions
 */
require_once 'functions.php';

/*
 * Load the allowed file types list
 */
require_once 'FileTypes_class.php';
$filetypes = new FileTypes_class($pdo);
$filetypes->load();

// Set the revision directory. (relative to $dataDir)
$CONFIG['revisionDir'] = $GLOBALS['CONFIG']['dataDir'] . 'revisionDir/';

// Set the archive directory. (relative to $dataDir)
$CONFIG['archiveDir'] = $GLOBALS['CONFIG']['dataDir'] . 'archiveDir/';

// Overwrite the request superglobals in place with their filtered form, so
// later code never sees the raw request values.
// NOTE(review): the sanitizeme() versions shown on this page return false for
// an empty array, so an empty $_POST or $_FILES becomes false rather than an
// empty array - confirm every reader of these superglobals tolerates that.
// NOTE(review): $_SERVER and $_FILES go through the same string filter as
// user-supplied fields; confirm upload handling still works with the filtered
// name/type/tmp_name values and validates uploads where they are used.
// NOTE(review): this blanket filter is not a substitute for bound parameters
// in queries or for output encoding in templates.
$_GET = sanitizeme($_GET);
$_REQUEST = sanitizeme($_REQUEST);
$_POST = sanitizeme($_POST);
$_SERVER = sanitizeme($_SERVER);
$_FILES = sanitizeme($_FILES);