- }
- else
- {
- // Only variables are allowed (non-array) but we secure them all!
- foreach ($SEC_CHARS['from'] as $key=>$char)
- {
- // Pass all through
- $_GET[$seckey] = str_replace($char , $SEC_CHARS['to'][$key], $_GET[$seckey]);
- }
-
- // Strip all other out
- $_GET[$seckey] = strip_tags($_GET[$seckey]);
- }
- }
-}
-
-if (basename($_SERVER['PHP_SELF']) != "install.php")
-{
- // And POST data
- foreach ($_POST as $seckey=>$secvalue)
- {
- if (!is_array($secvalue))
- {
- // Only variables are allowed (non-array) to be secured...
- foreach ($SEC_CHARS['from'] as $key=>$char)
- {
- // Pass all through
- $_POST[$seckey] = str_replace($char , $SEC_CHARS['to'][$key], $_POST[$seckey]);
- }
-
- // Strip all other out
- $_POST[$seckey] = strip_tags($_POST[$seckey]);
- }
- }
-
- // ... and finally cookies
- foreach ($_SESSION as $seckey=>$secvalue)
- {
- if (is_array($secvalue))
- {
- // Throw arrays away...
- unset($_SESSION[$seckey]);
- }
- else
- {