Exemplo n.º 1
 public function __construct()
     if (get_magic_quotes_runtime()) {
     if (get_magic_quotes_gpc()) {
         $_POST = $this->strip_slashes($_POST);
         $_GET = $this->strip_slashes($_GET);
         $_SESSION = $this->strip_slashes($_SESSION);
         $_COOKIE = $this->strip_slashes($_COOKIE);
     if (defined('XIAOCMS_ADMIN') || defined('XIAOCMS_MEMBER')) {
         define('SITE_PATH', self::get_a_url());
     } else {
         define('SITE_PATH', self::get_base_url());
     if (!is_file(XIAOCMS_PATH . 'data/install.lock')) {
     if (is_file(XIAOCMS_PATH . 'member' . DIRECTORY_SEPARATOR . 'index.php')) {
     $this->db = xiaocms::load_class('Model');
     $this->view = xiaocms::load_class('view');
     $this->cookie = xiaocms::load_class('cookie');
     $this->session = xiaocms::load_class('session');
     $this->site_config = xiaocms::load_config('config');
     $this->category_cache = get_cache('category');
     $this->content_model = get_cache('content_model');
     $this->member_info = self::get_member_info();
     $this->view->assign(array('cats' => $this->category_cache, 'member' => $this->member_info, 'site_url' => self::get_http_host() . SITE_PATH, 'site_name' => $this->site_config['site_name'], 'page' => (int) self::get('page') ? (int) self::get('page') : 1, 'site_template' => SITE_PATH . basename(TEMPLATE_DIR) . '/' . basename(SYS_THEME_DIR) . '/'));
Exemplo n.º 2
function db_query($sql)
    global $db_debug;
    global $db_conn;
    if ($db_debug) {
    try {
        $r = $db_conn->query($sql);
    } catch (PDOException $e) {
    $rows = $r->fetchAll(PDO::FETCH_ASSOC);
    if (!$rows) {
        return false;
    if (get_magic_quotes_runtime()) {
        foreach ($rows as $row) {
            foreach ($row as $k => &$v) {
                $v = stripslashes($v);
    return $rows;
Exemplo n.º 3
  * Renders the view.
  * @return string (X)HTML
  * @global array The paths of system files and folders.
  * @global array The configuration of the plugins.
  * @global array The localization of the core.
  * @global array The localization of the plugins.
 public function render()
     global $pth, $plugin_cf, $tx, $plugin_tx;
     $phpVersion = '5.3.0';
     $ptx = $plugin_tx['advancedform'];
     $imgdir = $pth['folder']['plugins'] . 'advancedform/images/';
     $ok = tag('img src="' . $imgdir . 'ok.png" alt="ok"');
     $warn = tag('img src="' . $imgdir . 'warn.png" alt="warning"');
     $fail = tag('img src="' . $imgdir . 'fail.png" alt="failure"');
     $o = tag('hr') . '<h4>' . $ptx['syscheck_title'] . '</h4>' . (version_compare(PHP_VERSION, $phpVersion) >= 0 ? $ok : $fail) . '&nbsp;&nbsp;' . sprintf($ptx['syscheck_phpversion'], $phpVersion) . tag('br') . tag('br') . PHP_EOL;
     foreach (array('ctype', 'mbstring', 'pcre', 'session', 'spl') as $ext) {
         $o .= (extension_loaded($ext) ? $ok : $fail) . '&nbsp;&nbsp;' . sprintf($ptx['syscheck_extension'], $ext) . tag('br') . PHP_EOL;
     $o .= tag('br') . (strtoupper($tx['meta']['codepage']) == 'UTF-8' ? $ok : $warn) . '&nbsp;&nbsp;' . $ptx['syscheck_encoding'] . tag('br') . PHP_EOL;
     $o .= (!get_magic_quotes_runtime() ? $ok : $warn) . '&nbsp;&nbsp;' . $ptx['syscheck_magic_quotes'] . tag('br') . PHP_EOL;
     $filename = $pth['folder']['plugins'] . 'jquery/jquery.inc.php';
     $o .= (file_exists($filename) ? $ok : $fail) . '&nbsp;&nbsp;' . $ptx['syscheck_jquery'] . tag('br') . PHP_EOL;
     $filename = $pth['folder']['plugins'] . $plugin_cf['advancedform']['captcha_plugin'] . '/captcha.php';
     $o .= (file_exists($filename) ? $ok : $warn) . '&nbsp;&nbsp;' . $ptx['syscheck_captcha_plugin'] . tag('br') . tag('br') . PHP_EOL;
     foreach (array('config/', 'css/', 'languages/') as $folder) {
         $folders[] = $pth['folder']['plugins'] . 'advancedform/' . $folder;
     $folders[] = Data::folder();
     foreach ($folders as $folder) {
         $o .= (is_writable($folder) ? $ok : $warn) . '&nbsp;&nbsp;' . sprintf($ptx['syscheck_writable'], $folder) . tag('br') . PHP_EOL;
     return $o;
Exemplo n.º 4
function session($configfile)
    if (get_magic_quotes_runtime()) {
    $ini = readINIfile("" . $configfile . "", ";");
    // dabei ist ; das zeichen für einen kommentar. kann geändert werden.
    for ($i = 0; $i <= 7; $i++) {
        $_SESSION["color_ch" . $i] = $ini['plotter']['color_ch' . $i];
        $_SESSION["temp_min" . $i] = $ini['temp_min']['temp_min' . $i];
        $_SESSION["temp_max" . $i] = $ini['temp_max']['temp_max' . $i];
        $_SESSION["ch_name" . $i] = $ini['ch_name']['ch_name' . $i];
        $_SESSION["alert" . $i] = $ini['web_alert']['ch' . $i];
        $_SESSION["ch_show" . $i] = $ini['ch_show']['ch' . $i];
    $_SESSION["plot_start"] = $ini['ToDo']['plot_start'];
    $_SESSION["plotname"] = $ini['plotter']['plotname'];
    $_SESSION["plotsize"] = $ini['plotter']['plotsize'];
    $_SESSION["plotbereich_min"] = $ini['plotter']['plotbereich_min'];
    $_SESSION["plotbereich_max"] = $ini['plotter']['plotbereich_max'];
    $_SESSION["keybox"] = $ini['plotter']['keybox'];
    $_SESSION["keyboxframe"] = $ini['plotter']['keyboxframe'];
    $_SESSION["pit_on"] = $ini['ToDo']['pit_on'];
    $_SESSION["pit_ch"] = $ini['Pitmaster']['pit_ch'];
    $_SESSION["webcam_start"] = $ini['webcam']['webcam_start'];
    $_SESSION["current_temp"] = $ini['filepath']['current_temp'];
    $_SESSION["pitmaster"] = $ini['filepath']['pitmaster'];
    if (!isset($_SESSION["websoundalert"])) {
        $_SESSION["websoundalert"] = "True";
Exemplo n.º 5
 * Send a download.
 * @since 0.1.0
 * @param string $file An absolute file path.
function satispress_send_file($file)
    if (function_exists('apache_setenv')) {
        @apache_setenv('no-gzip', 1);
    if (get_magic_quotes_runtime()) {
    @ini_set('zlib.output_compression', 'Off');
    if (ob_get_level()) {
        // Zip corruption fix.
    header('Robots: none');
    header('Content-Type: application/force-download');
    header('Content-Description: File Transfer');
    header('Content-Disposition: attachment; filename="' . basename($file) . '";');
    header('Content-Transfer-Encoding: binary');
    if ($size = @filesize($file)) {
        header('Content-Length: ' . $size);
    @readfile_chunked($file) or wp_die(__('File not found', 'satispress'));
Exemplo n.º 6
 public function main()
     $info = array('操作系统' => PHP_OS, '运行环境' => $_SERVER["SERVER_SOFTWARE"], 'PHP运行方式' => php_sapi_name(), 'ThinkPHP版本' => THINK_VERSION . ' [ <a href="http://thinkphp.cn" target="_blank">查看最新版本</a> ]', '上传附件限制' => ini_get('upload_max_filesize'), '执行时间限制' => ini_get('max_execution_time') . '秒', '服务器时间' => date("Y年n月j日 H:i:s"), '北京时间' => gmdate("Y年n月j日 H:i:s", time() + 8 * 3600), '服务器域名/IP' => $_SERVER['SERVER_NAME'] . ' [ ' . gethostbyname($_SERVER['SERVER_NAME']) . ' ]', '剩余空间' => round(@disk_free_space(".") / (1024 * 1024), 2) . 'M', 'register_globals' => get_cfg_var("register_globals") == "1" ? "ON" : "OFF", 'magic_quotes_gpc' => 1 === get_magic_quotes_gpc() ? 'YES' : 'NO', 'magic_quotes_runtime' => 1 === get_magic_quotes_runtime() ? 'YES' : 'NO');
     $this->assign('info1', $info);
     // dump($info);
 * Returns the requirements information view.
 * @return string  The (X)HTML.
function Syntaxhighlighter_systemCheck()
    global $pth, $tx, $plugin_tx;
    $ptx = $plugin_tx['syntaxhighlighter'];
    $imgdir = $pth['folder']['plugins'] . 'syntaxhighlighter/images/';
    $ok = tag('img src="' . $imgdir . 'ok.png" alt="ok"');
    $warn = tag('img src="' . $imgdir . 'warn.png" alt="warning"');
    $fail = tag('img src="' . $imgdir . 'fail.png" alt="failure"');
    $o = '<h4>' . $ptx['syscheck_title'] . '</h4>' . (version_compare(PHP_VERSION, SYNTAXHIGHLIGHTER_PHP_VERSION) >= 0 ? $ok : $fail) . '&nbsp;&nbsp;' . sprintf($ptx['syscheck_phpversion'], SYNTAXHIGHLIGHTER_PHP_VERSION) . tag('br') . "\n";
    foreach (array('pcre') as $ext) {
        $o .= (extension_loaded($ext) ? $ok : $fail) . '&nbsp;&nbsp;' . sprintf($ptx['syscheck_extension'], $ext) . tag('br') . "\n";
    $o .= (!get_magic_quotes_runtime() ? $ok : $fail) . '&nbsp;&nbsp;' . $ptx['syscheck_magic_quotes'] . tag('br') . tag('br') . "\n";
    $o .= (strtoupper($tx['meta']['codepage']) == 'UTF-8' ? $ok : $fail) . '&nbsp;&nbsp;' . $ptx['syscheck_encoding'] . tag('br') . "\n";
    $folders = array();
    foreach (array('config/', 'css/', 'languages/') as $folder) {
        $folders[] = $pth['folder']['plugins'] . 'syntaxhighlighter/' . $folder;
    foreach ($folders as $folder) {
        $o .= (is_writable($folder) ? $ok : $warn) . '&nbsp;&nbsp;' . sprintf($ptx['syscheck_writable'], $folder) . tag('br') . "\n";
    return $o;
Exemplo n.º 8
 function escape($string)
     if (get_magic_quotes_runtime()) {
         $string = stripslashes($string);
     return @mysql_real_escape_string($string, $this->link_id);
function get_table_def_mysql($table, $crlf)
    global $drop, $db;
    $schema_create = "";
    $field_query = "SHOW FIELDS FROM {$table}";
    $key_query = "SHOW KEYS FROM {$table}";
    // If the user has selected to drop existing tables when doing a restore.
    // Then we add the statement to drop the tables....
    if ($drop == 1) {
        $schema_create .= "DROP TABLE IF EXISTS {$table};{$crlf}";
    $schema_create .= "CREATE TABLE {$table}({$crlf}";
    // Ok lets grab the fields...
    $result = $db->sql_query($field_query);
    while ($row = $db->sql_fetchrow($result)) {
        $schema_create .= '	' . $row['Field'] . ' ' . $row['Type'];
        if (!empty($row['Default'])) {
            $schema_create .= ' DEFAULT \'' . $row['Default'] . '\'';
        if ($row['Null'] != 'YES') {
            $schema_create .= ' NOT NULL';
        if ($row['Extra'] != '') {
            $schema_create .= ' ' . $row['Extra'];
        $schema_create .= ",{$crlf}";
    // Drop the last ',$crlf' off ;)
    $schema_create = preg_replace('/,' . $crlf . '$/', '', $schema_create);
    // Get any Indexed fields from the database...
    $result = $db->sql_query($key_query);
    while ($row = $db->sql_fetchrow($result)) {
        $kname = $row['Key_name'];
        if ($kname != 'PRIMARY' && $row['Non_unique'] == 0) {
            $kname = "UNIQUE|{$kname}";
        if (!is_array($index[$kname])) {
            $index[$kname] = array();
        $index[$kname][] = $row['Column_name'];
    while (list($x, $columns) = @each($index)) {
        $schema_create .= ", {$crlf}";
        if ($x == 'PRIMARY') {
            $schema_create .= '	PRIMARY KEY (' . implode($columns, ', ') . ')';
        } elseif (substr($x, 0, 6) == 'UNIQUE') {
            $schema_create .= '	UNIQUE ' . substr($x, 7) . ' (' . implode($columns, ', ') . ')';
        } else {
            $schema_create .= '	KEY ' . $x . '(' . implode($columns, ', ') . ')';
    $schema_create .= "{$crlf});";
    if (get_magic_quotes_runtime()) {
        return stripslashes($schema_create);
    } else {
        return $schema_create;
Exemplo n.º 10
function MagicQuotesRuntimeSetting()
    @ini_set("magic_quotes_runtime", 0);
    if (version_compare('5.4', PHP_VERSION, '>') && function_exists('set_magic_quotes_runtime') && get_magic_quotes_runtime()) {
function un_quoting_run($str)
    if (!get_magic_quotes_runtime()) {
        return stripslashes($str);
    return $str;
Exemplo n.º 12
 public function main()
     $count = array();
     $article = M('article');
     $type = M('type');
     $link = M('link');
     $hd = M('flash');
     $ping = M('pl');
     $guest = M('guestbook');
     $count['article'] = $article->count();
     $count['narticle'] = $article->where('status=0')->count();
     $count['guestbook'] = $guest->count();
     $count['nguestbook'] = $guest->where('status=0')->count();
     $count['type'] = $type->count();
     $count['link'] = $link->count();
     $count['hd'] = $hd->count();
     $count['ping'] = $ping->count();
     $count['nping'] = $ping->where('status=0')->count();
     $this->assign('count', $count);
     unset($article, $type, $link, $hd, $ping, $guest);
     $info = array('操作系统' => PHP_OS, '运行环境' => $_SERVER["SERVER_SOFTWARE"], 'PHP运行方式' => php_sapi_name(), '上传附件限制' => ini_get('upload_max_filesize'), '执行时间限制' => ini_get('max_execution_time') . '秒', '服务器时间' => date("Y年n月j日 H:i:s"), '北京时间' => gmdate("Y年n月j日 H:i:s", time() + 8 * 3600), '服务器域名/IP' => $_SERVER['SERVER_NAME'] . ' [ ' . gethostbyname($_SERVER['SERVER_NAME']) . ' ]', '剩余空间' => round(@disk_free_space(".") / (1024 * 1024), 2) . 'M', 'register_globals' => get_cfg_var("register_globals") == "1" ? "ON" : "OFF", 'magic_quotes_gpc' => 1 === get_magic_quotes_gpc() ? 'YES' : 'NO', 'magic_quotes_runtime' => 1 === get_magic_quotes_runtime() ? 'YES' : 'NO');
     $this->assign('info', $info);
 public static function sds_init_error_warning()
     if ((int) Configuration::get('config_maintenance') == 1) {
         echo "<div class='alert alert-warning'>Maintenance mode is enabled. This may cause functional problem at your slider revolution module.</div>";
         if (!in_array(Tools::getRemoteAddr(), explode(',', Configuration::get('PS_MAINTENANCE_IP')))) {
             echo "<div class='alert alert-warning'>It's seemed that your IP is not present in Maintenance IP.</div>";
     if (get_magic_quotes_gpc()) {
         echo "<div class='alert alert-warning'>magic_quotes_gpc is enabled. This may cause functional problem at your slider revolution module. Please disable magic_quotes_gpc.</div>";
     if (get_magic_quotes_runtime()) {
         echo "<div class='alert alert-warning'>magic_quotes_runtime is enabled. This may cause functional problem at your slider revolution module. Please disable magic_quotes_runtime.</div>";
     if (!defined('ABSPATH')) {
         echo "<div class='alert alert-warning'>Fatal Error: 'ABSPATH' isn't defined.</div>";
     if (!is_writable(ABSPATH . '/uploads')) {
         echo "<div class='alert alert-warning'>'" . ABSPATH . "/uploads' folder is not writeable. Change the folder permission.</div>";
     if (!is_writable(ABSPATH . '/rs-plugin/css')) {
         echo "<div class='alert alert-warning'>'" . ABSPATH . "/rs-plugin/css' folder is not writeable. Change the folder permission.</div>";
     //                    if(!is_executable(ABSPATH.'/rs-plugin/fileuploader/uploadify.php')){
     //                        echo "<div class='alert alert-warning'>'".ABSPATH."/rs-plugin/fileuploader/uploadify.php' file is not executable. Change the file permission.</div>";
     //                    }
     if (!is_writable(ABSPATH . '/cache')) {
         echo "<div class='alert alert-warning'>'" . ABSPATH . "/cache' folder is not writeable. Change the folder permission.</div>";
Exemplo n.º 14
 function Pommo_Db($username = NULL, $password = NULL, $database = NULL, $hostname = NULL, $tablePrefix = NULL)
     // turn off magic quotes runtime
     if (get_magic_quotes_runtime()) {
         if (!set_magic_quotes_runtime(0)) {
             Pommo::kill('Could not turn off PHP\'s magic_quotes_runtime');
     $this->_prefix = $tablePrefix;
     $this->_database = $database;
     $this->table = array('config' => '`' . $tablePrefix . 'config`', 'fields' => '`' . $tablePrefix . 'fields`', 'group_rules' => '`' . $tablePrefix . 'group_rules`', 'groups' => '`' . $tablePrefix . 'groups`', 'mailing_notices' => '`' . $tablePrefix . 'mailing_notices`', 'mailing_current' => '`' . $tablePrefix . 'mailing_current`', 'mailings' => '`' . $tablePrefix . 'mailings`', 'scratch' => '`' . $tablePrefix . 'scratch`', 'subscriber_data' => '`' . $tablePrefix . 'subscriber_data`', 'subscriber_pending' => '`' . $tablePrefix . 'subscriber_pending`', 'subscriber_update' => '`' . $tablePrefix . 'subscriber_update`', 'subscribers' => '`' . $tablePrefix . 'subscribers`', 'templates' => '`' . $tablePrefix . 'templates`', 'queue' => '`' . $tablePrefix . 'queue`', 'updates' => '`' . $tablePrefix . 'updates`');
     $this->_dieOnQuery = TRUE;
     $this->_debug = FALSE;
     $this->_results = array();
     // connect to mysql database using config variables from poMMo class (set in setup/config.php).
     // supress errors to hide login information...
     $this->_link = mysql_connect($hostname, $username, $password);
     if (!$this->_link) {
         Pommo::kill(Pommo::_T('Could not establish database connection.') . ' ' . Pommo::_T('Verify your settings in config.php'));
     if (!@mysql_select_db($database, $this->_link)) {
         Pommo::kill(sprintf(Pommo::_T('Connected to database server but could not select database (%s). Does it exist?'), $database) . ' ' . Pommo::_T('Verify your settings in config.php'));
     // Make sure any results we retrieve or commands we send use the same charset and collation as the database:
     //  code taken from Juliette Reinders Folmer; http://www.adviesenzo.nl/examples/php_mysql_charset_fix/
     //  TODO: Cache the charset?
     $db_charset = mysql_query("SHOW VARIABLES LIKE 'character_set_database'", $this->_link);
     $charset_row = mysql_fetch_assoc($db_charset);
     mysql_query("SET NAMES '" . $charset_row['Value'] . "'", $this->_link);
     unset($db_charset, $charset_row);
     // setup safeSQL class
     $this->_safeSQL = new SafeSQL_MySQL($this->_link);
Exemplo n.º 15
 public function main()
     //$upyun_img = $this->createImgUpYun();
     $info = array('操作系统' => PHP_OS, '运行环境' => $_SERVER["SERVER_SOFTWARE"], 'PHP运行方式' => php_sapi_name(), '上传附件限制' => ini_get('upload_max_filesize'), '执行时间限制' => ini_get('max_execution_time') . '秒', '服务器时间' => date("Y年n月j日 H:i:s"), '北京时间' => gmdate("Y年n月j日 H:i:s", time() + 8 * 3600), '服务器域名/IP' => $_SERVER['SERVER_NAME'] . ' [ ' . gethostbyname($_SERVER['SERVER_NAME']) . ' ]', '服务器剩余空间' => round(disk_free_space(".") / (1024 * 1024), 2) . 'M', 'register_globals' => get_cfg_var("register_globals") == "1" ? "ON" : "OFF", 'magic_quotes_gpc' => 1 === get_magic_quotes_gpc() ? 'YES' : 'NO', 'magic_quotes_runtime' => 1 === get_magic_quotes_runtime() ? 'YES' : 'NO');
     $this->assign('info', $info);
Exemplo n.º 16
  * Sanitizes global GET, POST and COOKIE data. Also takes care of
  * magic_quotes and register_globals, if they have been enabled.
  * @return  void
 public function __construct()
     // Use XSS clean?
     $this->use_xss_clean = (bool) Eight::config('core.global_xss_filtering');
     if (self::$instance === nil) {
         // Convert all global variables to UTF-8.
         $_GET = Input::clean($_GET);
         $_POST = Input::clean($_POST);
         $_COOKIE = Input::clean($_COOKIE);
         $_SERVER = Input::clean($_SERVER);
         if (PHP_SAPI == 'cli') {
             // Convert command line arguments
             $_SERVER['argv'] = Input::clean($_SERVER['argv']);
         // magic_quotes_runtime is enabled
         if (get_magic_quotes_runtime()) {
             exit('Disable magic_quotes_runtime! It is evil and deprecated: http://php.net/magic_quotes');
         // magic_quotes_gpc is enabled
         if (get_magic_quotes_gpc()) {
             exit('Disable magic_quotes_gpc! It is evil and deprecated: http://php.net/magic_quotes');
         // register_globals is enabled
         if (ini_get('register_globals')) {
             exit('Disable register_globals! It is evil and deprecated: http://php.net/register_globals');
         if (is_array($_GET)) {
             foreach ($_GET as $key => $val) {
                 // Sanitize $_GET
                 $_GET[$this->clean_input_keys($key)] = $this->clean_input_data($val);
         } else {
             $_GET = array();
         if (is_array($_POST)) {
             foreach ($_POST as $key => $val) {
                 // Sanitize $_POST
                 $_POST[$this->clean_input_keys($key)] = $this->clean_input_data($val);
         } else {
             $_POST = array();
         if (is_array($_COOKIE)) {
             foreach ($_COOKIE as $key => $val) {
                 // Sanitize $_COOKIE
                 $_COOKIE[$this->clean_input_keys($key)] = $this->clean_input_data($val);
         } else {
             $_COOKIE = array();
         // Create a singleton
         self::$instance = $this;
         Eight::log('debug', 'Global GET, POST and COOKIE data sanitized');
     // Assign global vars to request helper vars
     request::$get = $_GET;
     request::$post = $_POST;
     request::$input = array_merge(URI::instance()->segments(2, YES), $_REQUEST);
Exemplo n.º 17
 function socket_read($byte_count)
     $mqr = get_magic_quotes_runtime();
     $buffer = fread($this->socket, $byte_count);
     return $buffer;
Exemplo n.º 18
  * Create a new DiskKeyCache with the given $stream for cloning to make
  * InputByteStreams, and the given $path to save to.
  * @param Swift_KeyCache_KeyCacheInputStream $stream
  * @param string                             $path   to save to
 public function __construct(Swift_KeyCache_KeyCacheInputStream $stream, $path)
     $this->_stream = $stream;
     $this->_path = $path;
     if (function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime() == 1) {
         $this->_quotes = true;
Exemplo n.º 19
  * Constructor.
 public function __construct()
     if (version_compare(PHP_VERSION, '5.4.0') < 0) {
         $this->magicQuotesGpc = @get_magic_quotes_gpc();
         $this->magicQuotesRuntime = @get_magic_quotes_runtime();
         $this->registerGlobals = @ini_get('register_globals');
Exemplo n.º 20
  * Create a new FileByteStream for $path.
  * @param string  $path
  * @param boolean $writable if true
 public function __construct($path, $writable = false)
     $this->_path = $path;
     $this->_mode = $writable ? 'w+b' : 'rb';
     if (function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime() == 1) {
         $this->_quotes = true;
Exemplo n.º 21
  * Check the magic_quotes setting
  * @return boolean Enabled/not enabled
 private function checkMagicQuotes()
     if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) {
         $this->throwError('SECURITY WARNING: magic_quotes is enabled! ' . 'Please consider disabling');
     } else {
         return true;
Exemplo n.º 22
function bhi_check_magic_quotes()
    if (get_magic_quotes_runtime() == 0 && get_magic_quotes_gpc() == 0) {
        return true;
    } else {
        return false;
  * Wrapper for get_magic_quotes_runtime
  * @since version 0.83
  * @return boolean
 static function get_magic_quotes_runtime()
     // Deprecated function(8192): Function get_magic_quotes_runtime() is deprecated
     if (PHP_VERSION_ID < 50400) {
         return get_magic_quotes_runtime();
     return 0;
function insql1($in)
    if (get_magic_quotes_runtime()) {
        return $in;
    } else {
        return addslashes($in);
Exemplo n.º 25
  * Gets the current configuration setting of magic_quotes_gpc.
  * And gets the current active configuration setting of magic_quotes_runtime
 function c_get_magic_quotes()
     if (c_version_compare("5.4.0")) {
         return (bool) (get_magic_quotes_gpc() || get_magic_quotes_runtime() ? true : false);
     } else {
         return false;
Exemplo n.º 26
  * Check magic quote and disable it
 private function checkMagicQuoteRuntime()
     // Check for magic quotes
     if (get_magic_quotes_runtime()) {
         // Oh god! Danger. Magic quote deprecated. Sort it out.
Exemplo n.º 27
  * Constructor. Sanitizes global data GET, POST and COOKIE data.
  * Also makes sure those pesty magic quotes and register globals
  * don't bother us. This is protected because it really only needs
  * to be run once.
  * @return void
 protected function __construct()
     if (self::$instance === NULL) {
         // Check for magic quotes
         if (get_magic_quotes_runtime()) {
             // Dear lord!! This is bad and deprected. Sort it out ;)
         if (get_magic_quotes_gpc()) {
             // This is also bad and deprected. See http://php.net/magic_quotes for more information.
             $this->magic_quotes_gpc = TRUE;
         // Check for register globals and prevent security issues from arising.
         if (ini_get('register_globals')) {
             if (isset($_REQUEST['GLOBALS'])) {
                 // No no no.. just kill the script here and now
                 exit('Illegal attack on global variable.');
             // Get rid of REQUEST
             $_REQUEST = array();
             // The following globals are standard and shouldn't really be removed
             $preserve = array('GLOBALS', '_REQUEST', '_GET', '_POST', '_FILES', '_COOKIE', '_SERVER', '_ENV', '_SESSION');
             // Same effect as disabling register_globals
             foreach ($GLOBALS as $key => $value) {
                 if (!in_array($key, $preserve)) {
                     global ${$key};
                     ${$key} = NULL;
                     unset($GLOBALS[$key], ${$key});
         // Sanitize global data
         if (is_array($_POST)) {
             foreach ($_POST as $key => $value) {
                 $_POST[$this->clean_input_keys($key)] = $this->clean_input_data($value);
         } else {
             $_POST = array();
         if (is_array($_GET)) {
             foreach ($_GET as $key => $value) {
                 $_GET[$this->clean_input_keys($key)] = $this->clean_input_data($value);
         } else {
             $_GET = array();
         if (is_array($_COOKIE)) {
             foreach ($_COOKIE as $key => $value) {
                 $_COOKIE[$this->clean_input_keys($key)] = $this->clean_input_data($value);
         } else {
             $_COOKIE = array();
         // Just make REQUEST a merge of POST and GET. Who really wants cookies in it anyway?
         $_REQUEST = array_merge($_GET, $_POST);
         self::$instance = $this;
  * Constructor.
  * Initialize parser and set parser options.
 function XMLParser()
     // magic_quotes_runtime must be disabled for XML parsing
     $this->magicQuotes = get_magic_quotes_runtime();
     if ($this->magicQuotes) {
     $this->errors = array();
Exemplo n.º 29
  * Constructor
  * Sets up the database connection.
  * Can pass in the hostname, username, password and database name if you want to.
  * If you don't it will set up the base class, then you'll have to call Connect yourself.
  * @param String $hostname Name of the server to connect to.
  * @param String $username Username to connect to the server with.
  * @param String $password Password to connect with.
  * @param String $databasename Database name to connect to.
  * @see Connect
  * @see GetError
  * @return Mixed Returns false if no connection can be made - the error can be fetched by the Error() method. Returns the connection result if it can be made. Will return Null if you don't pass in the connection details.
 function Oci8Db($hostname = '', $username = '', $password = '', $databasename = '')
     $this->magic_quotes_runtime_on = get_magic_quotes_runtime();
     if ($hostname && $username && $databasename) {
         $connection = $this->Connect($hostname, $username, $password, $databasename);
         return $connection;
     return null;
Exemplo n.º 30
  * Sanitizes global GET, POST and COOKIE data. Also takes care of
  * magic_quotes and register_globals, if they have been enabled.
  * @return  void
 public function __construct()
     // Convert all global variables to Kohana charset
     $_GET = Input::clean($_GET);
     $_POST = Input::clean($_POST);
     $_COOKIE = Input::clean($_COOKIE);
     $_SERVER = Input::clean($_SERVER);
     if (Kohana::$server_api === 'cli') {
         // Convert command line arguments
         $_SERVER['argv'] = Input::clean($_SERVER['argv']);
     // Use XSS clean?
     $this->use_xss_clean = (bool) Kohana::config('core.global_xss_filtering');
     if (Input::$instance === NULL) {
         // magic_quotes_runtime is enabled
         if (get_magic_quotes_runtime()) {
             Kohana_Log::add('debug', 'Disable magic_quotes_runtime! It is evil and deprecated: http://php.net/magic_quotes');
         // magic_quotes_gpc is enabled
         if (get_magic_quotes_gpc()) {
             $this->magic_quotes_gpc = TRUE;
             Kohana_Log::add('debug', 'Disable magic_quotes_gpc! It is evil and deprecated: http://php.net/magic_quotes');
         if (is_array($_GET)) {
             foreach ($_GET as $key => $val) {
                 // Sanitize $_GET
                 $_GET[$this->clean_input_keys($key)] = $this->clean_input_data($val);
         } else {
             $_GET = array();
         if (is_array($_POST)) {
             foreach ($_POST as $key => $val) {
                 // Sanitize $_POST
                 $_POST[$this->clean_input_keys($key)] = $this->clean_input_data($val);
         } else {
             $_POST = array();
         if (is_array($_COOKIE)) {
             foreach ($_COOKIE as $key => $val) {
                 // Ignore special attributes in RFC2109 compliant cookies
                 if ($key == '$Version' or $key == '$Path' or $key == '$Domain') {
                 // Sanitize $_COOKIE
                 $_COOKIE[$this->clean_input_keys($key)] = $this->clean_input_data($val);
         } else {
             $_COOKIE = array();
         // Create a singleton
         Input::$instance = $this;
         Kohana_Log::add('debug', 'Global GET, POST and COOKIE data sanitized');