- mysql potential injection paranoia + code compaction in common.inc.php

git-svn-id: http://piwigo.org/svn/branches/2.0@2765 68402e56-0260-453c-a942-63ccdbb3a9ee
rvelices
2008-10-17 01:06:00 +00:00
parent 376bd21335
commit 93313d760c
2 changed files with 15 additions and 56 deletions
+9 -52
@@ -36,64 +36,21 @@ set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
//
if( !get_magic_quotes_gpc() )
{
function sanitize_mysql_kv(&$v, $k)
{
$v = addslashes($v);
}
if( is_array( $_GET ) )
{
while( list($k, $v) = each($_GET) )
{
if( is_array($_GET[$k]) )
{
while( list($k2, $v2) = each($_GET[$k]) )
{
$_GET[$k][$k2] = addslashes($v2);
}
@reset($_GET[$k]);
}
else
{
$_GET[$k] = addslashes($v);
}
}
@reset($_GET);
array_walk_recursive( $_GET, 'sanitize_mysql_kv' );
}
if( is_array($_POST) )
if( is_array( $_POST ) )
{
while( list($k, $v) = each($_POST) )
{
if( is_array($_POST[$k]) )
{
while( list($k2, $v2) = each($_POST[$k]) )
{
$_POST[$k][$k2] = addslashes($v2);
}
@reset($_POST[$k]);
}
else
{
$_POST[$k] = addslashes($v);
}
}
@reset($_POST);
array_walk_recursive( $_POST, 'sanitize_mysql_kv' );
}
if( is_array($_COOKIE) )
if( is_array( $_COOKIE ) )
{
while( list($k, $v) = each($_COOKIE) )
{
if( is_array($_COOKIE[$k]) )
{
while( list($k2, $v2) = each($_COOKIE[$k]) )
{
$_COOKIE[$k][$k2] = addslashes($v2);
}
@reset($_COOKIE[$k]);
}
else
{
$_COOKIE[$k] = addslashes($v);
}
}
@reset($_COOKIE);
array_walk_recursive( $_COOKIE, 'sanitize_mysql_kv' );
}
}
if ( !empty($_SERVER["PATH_INFO"]) )
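Review bot: `sanitize_mysql_kv` escapes values only, so array keys in `$_GET`, `$_POST` and `$_COOKIE` pass through untouched. Anything read from `$_REQUEST` or `$_SERVER` (such as the `PATH_INFO` test right after the block) is not covered by this pass either. The helper also relies on `addslashes()`, which is not aware of the connection character set, so it is a weaker guarantee than escaping with the database driver where the query is built. I would document that limit on the helper, e.g. `// escapes values only (not keys, not $_REQUEST/$_SERVER); addslashes() is not charset-aware, so query code must still escape with the DB driver`. The enclosing `if( !get_magic_quotes_gpc() )` block starts before the changed lines, and whether keys or `$_REQUEST` ever reach a query cannot be seen from this hunk.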