// Run only once this security check/exchange
if (defined('__SECURITY')) return;
-// Fatal messages goes here
-global $FATAL;
-$FATAL = array();
-
// Runtime/GPC quoting is off now...
@set_magic_quotes_runtime(false);
@ini_set('magic_quotes_gpc', false); // This may not work on some systems
$_POST = $GLOBALS['_POST'];
}
-if (!isset($_COOKIE)) {
- global $_COOKIE;
- $_COOKIE = $GLOBALS['_COOKIE'];
-}
-
// Include IP-Filter here
//require("/usr/share/php/ipfilter.php");
"{CLOSE_ANCHOR2}",
"{SLASH}",
"{DOT}",
- '{QUOT}',
+ "{QUOT}",
"{DOLLAR}",
"{OPEN_ANCHOR}",
"{CLOSE_ANCHOR}",
$_POST[$seckey] = strip_tags($_POST[$seckey]);
}
}
-
- // ... and finally cookies
- foreach ($_COOKIE as $seckey => $secvalue) {
- if (is_array($secvalue)) {
- // Throw arrays away...
- unset($_COOKIE[$seckey]);
- } else {
- // Only variables are allowed (non-array) but we secure them all!
- foreach ($SEC_CHARS['from'] as $key => $char) {
- // Pass all through
- $_COOKIE[$seckey] = str_replace($char , $SEC_CHARS['to'][$key], $_COOKIE[$seckey]);
- }
-
- // Strip all other out
- $_COOKIE[$seckey] = strip_tags($_COOKIE[$seckey]);
- }
- }
}
// Activate caching or transparent compressing when it is not already done