3 Outdated and bogus PHP settings (register_globals and magic_quotes) are
4 defended by this script, so code cannot be negatively impacted. It can
5 always be loaded as it doesn't cause problems or speed disadvantages on
6 correctly configured servers. THE "PHP.INI" SHOULD BE FIXED PREFERABLY.
9 #-- strike register_globals (injected variables)
10 if (ini_get("register_globals") == "1") {
11 ewiki_recursive_unset($GLOBALS, $_REQUEST);
12 ini_set("register_globals", 0);
15 #-- strip any \'s if magic_quotes (variable garbaging) is still enabled
16 if (ini_get("magic_quotes_gpc") && get_magic_quotes_gpc()) {
17 ewiki_recursive_stripslashes($_REQUEST);
18 ewiki_recursive_stripslashes($_GET);
19 ewiki_recursive_stripslashes($_POST);
20 ewiki_recursive_stripslashes($_COOKIE);
21 ewiki_recursive_stripslashes($_ENV);
22 ewiki_recursive_stripslashes($_SERVER);
23 ini_set("magic_quotes_gpc", 0);
26 #-- now that one is really dumb
27 set_magic_quotes_runtime(0);
31 function ewiki_recursive_unset(&$TO, $FROM) {
32 foreach ($FROM as $var=>$value) {
33 if (isset($TO[$var]) && ($TO[$var]==$FROM[$var])) {
38 function ewiki_recursive_stripslashes(&$var) {
40 foreach ($var as $key=>$item) {
41 ewiki_recursive_stripslashes($var[$key]);
45 $var = stripslashes($var);