function wfArrayMap($function, $input) { $ret = array_map($function, $input); foreach ($ret as $key => $value) { $taint = istainted($input[$key]); if ($taint) { taint($ret[$key], $taint); } } return $ret; }
/** * Fetch a value from the given array or return $default if it's not set. * * @param $arr array * @param $name string * @param $default mixed * @return mixed */ private function getGPCVal($arr, $name, $default) { # PHP is so nice to not touch input data, except sometimes: # http://us2.php.net/variables.external#language.variables.external.dot-in-names # Work around PHP *feature* to avoid *bugs* elsewhere. $name = strtr($name, '.', '_'); if (isset($arr[$name])) { global $wgContLang; $data = $arr[$name]; if (isset($_GET[$name]) && !is_array($data)) { # Check for alternate/legacy character encoding. if (isset($wgContLang)) { $data = $wgContLang->checkTitleEncoding($data); } } $data = $this->normalizeUnicode($data); return $data; } else { taint($default); return $default; } }
/** * Fetch a value from the given array or return $default if it's not set. * * @param $arr array * @param $name string * @param $default mixed * @return mixed * @private */ function getGPCVal($arr, $name, $default) { if (isset($arr[$name])) { global $wgContLang; $data = $arr[$name]; if (isset($_GET[$name]) && !is_array($data)) { # Check for alternate/legacy character encoding. if (isset($wgContLang)) { $data = $wgContLang->checkTitleEncoding($data); } } $data = $this->normalizeUnicode($data); return $data; } else { taint($default); return $default; } }