X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Flibs%2Fsecurity_functions.php;h=1bdae656709613e56e3d5c2433ae543f78ae96bf;hb=refs%2Fheads%2Fserver-0.2.1-FINAL%2Fwernis4mails-de;hp=2c0ca74bff50a8fc224c7e5f7f0abc2d2328b21b;hpb=6b1e55213d76a67e9aa3d9f1e4dcb55e0bbf12ee;p=mailer.git

diff --git a/inc/libs/security_functions.php b/inc/libs/security_functions.php
index 2c0ca74bff..1bdae65670 100644
--- a/inc/libs/security_functions.php
+++ b/inc/libs/security_functions.php
@@ -16,7 +16,7 @@
  * $Author::                                                          $ *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
- * Copyright (c) 2009 - 2013 by Mailer Developer Team                   *
+ * Copyright (c) 2009 - 2016 by Mailer Developer Team                   *
  * For more information visit: http://mxchange.org                      *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
@@ -46,8 +46,8 @@ if (strpos($_SERVER['PHP_SELF'], basename(__FILE__)) !== FALSE) {
 } // END - if
 
 // Include ctracker, recommended place!
-//require_once('ctracker.php');
-//require_once('ipfilter.php');
+require_once('ctracker.php');
+require_once('ipfilter.php');
 
 /**
  * Function to secure input strings
@@ -163,17 +163,17 @@ if (isPhpVersionEqualNewer('5.0')) {
 } // END - if
 
 // Check if important arrays are found and define them if missing
-if (!isset($_SERVER)) {
+if ((!isset($_SERVER)) || (!is_array($_SERVER))) {
 	global $_SERVER;
 	$_SERVER = $GLOBALS['_SERVER'];
 } // END - if
 
-if (!isset($_GET)) {
+if ((!isset($_GET)) || (!is_array($_GET))) {
 	global $_GET;
 	$_GET = $GLOBALS['_GET'];
 } // END - if
 
-if (!isset($_POST)) {
+if ((!isset($_POST)) || (!is_array($_POST))) {
 	global $_POST;
 	$_POST = $GLOBALS['_POST'];
 } // END - if
@@ -226,10 +226,10 @@ $GLOBALS['url_chars'] = array(
 if (is_array($_GET)) {
 	foreach ($_GET as $seckey => $secvalue) {
 		if (is_array($secvalue)) {
-			// Throw arrays away...
+			// Throw arrays away ...
 			unset($_GET[$seckey]);
 		} else {
-			// Only variables are allowed (non-array) but we secure them all!
+			// Only variables are allowed (non-array) but we secure them all.
 			$_GET[$seckey] = str_replace($GLOBALS['security_chars']['from'], $GLOBALS['security_chars']['to'], $_GET[$seckey]);
 
 			// Strip all other out