- foreach ($SEC_CHARS['from'] as $key => $char) {
- // Pass all through
- $_GET[$seckey] = str_replace($char , $SEC_CHARS['to'][$key], $_GET[$seckey]);
- }
-
- // Strip all other out
- $_GET[$seckey] = strip_tags($_GET[$seckey]);
- }
- }
-}
-
-if (basename($_SERVER['PHP_SELF']) != "install.php") {
- // And POST data
- foreach ($_POST as $seckey => $secvalue) {
- if (!is_array($secvalue)) {
- // Only variables are allowed (non-array) to be secured...
- foreach ($SEC_CHARS['from'] as $key => $char) {
- // Pass all through
- $_POST[$seckey] = str_replace($char , $SEC_CHARS['to'][$key], $_POST[$seckey]);
- }
-
- // Strip all other out
- $_POST[$seckey] = strip_tags($_POST[$seckey]);
- }
- }
-
- // ... and finally cookies
- foreach ($_COOKIE as $seckey => $secvalue) {
- if (is_array($secvalue)) {
- // Throw arrays away...
- unset($_COOKIE[$seckey]);
- } else {
- // Only variables are allowed (non-array) but we secure them all!
- foreach ($SEC_CHARS['from'] as $key => $char) {