nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

improve function name, comments and fix typos

Browse Source
This commit is contained in:
Marc Delisle
2008-02-23 20:39:33 +00:00
parent 50d6fbe1d7
commit 1288dbd6fc
1 changed files with 12 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
libraries/grab_globals.lib.php
View File

@@ -2,11 +2,9 @@
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* This library grabs the names and values of the variables sent or posted to a
* script in the $_* arrays and sets simple globals variables from them. It does
* the same work for the $PHP_SELF, $HTTP_ACCEPT_LANGUAGE and
* $HTTP_AUTHORIZATION variables.
*
* loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
* script in $_GET, $_POST and $_FILES superglobals and sets simple globals
* variables from them. It does the same work for $HTTP_ACCEPT_LANGUAGE and
* $HTTP_AUTHORIZATION.
*
* @version $Id$
*/
@@ -23,7 +21,7 @@
* @param array $target values to
* @param boolean $sanitize prevent importing key names in $_import_blacklist
*/
function PMA_gpc_extract($array, &$target, $sanitize = true)
function PMA_recursive_extract($array, &$target, $sanitize = true)
{
if (! is_array($array)) {
return false;
@@ -48,7 +46,7 @@ function PMA_gpc_extract($array, &$target, $sanitize = true)
// another application, with the same name as this array
unset($target[$key]);
PMA_gpc_extract($array[$key], $target[$key], false);
PMA_recursive_extract($array[$key], $target[$key], false);
} else {
$target[$key] = $array[$key];
}
@@ -82,11 +80,11 @@ $_import_blacklist = array(
);
if (! empty($_GET)) {
PMA_gpc_extract($_GET, $GLOBALS);
PMA_recursive_extract($_GET, $GLOBALS);
}
if (! empty($_POST)) {
PMA_gpc_extract($_POST, $GLOBALS);
PMA_recursive_extract($_POST, $GLOBALS);
}
if (! empty($_FILES)) {
@@ -105,13 +103,13 @@ if (! empty($_FILES)) {
*/
$server_vars = array('HTTP_ACCEPT_LANGUAGE', 'HTTP_AUTHORIZATION');
foreach ($server_vars as $current) {
// its not important HOW we detect html tags
// its more important to prevent XSS
// so its not important if we result in an invalid string,
// its even better than a XSS capable string
// it's not important HOW we detect html tags
// it's more important to prevent XSS
// so it's not important if we result in an invalid string,
// it's even better than a XSS capable string
if (PMA_getenv($current) && false === strpos(PMA_getenv($current), '<')) {
$$current = PMA_getenv($current);
// already importet by register_globals?
// already imported by register_globals?
} elseif (! isset($$current) || false !== strpos($$current, '<')) {
$$current = '';
}