nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

improve function name, comments and fix typos

Browse Source
This commit is contained in:
Marc Delisle
2008-02-23 20:39:33 +00:00
parent 50d6fbe1d7
commit 1288dbd6fc
1 changed files with 12 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
libraries/grab_globals.lib.php
View File

@@ -2,11 +2,9 @@
/* vim: set expandtab sw=4 ts=4 sts=4: */ /* vim: set expandtab sw=4 ts=4 sts=4: */
/** /**
* This library grabs the names and values of the variables sent or posted to a * This library grabs the names and values of the variables sent or posted to a
* script in the $_* arrays and sets simple globals variables from them. It does * script in $_GET, $_POST and $_FILES superglobals and sets simple globals
* the same work for the $PHP_SELF, $HTTP_ACCEPT_LANGUAGE and * variables from them. It does the same work for $HTTP_ACCEPT_LANGUAGE and
* $HTTP_AUTHORIZATION variables. * $HTTP_AUTHORIZATION.
*
* loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
* *
* @version $Id$ * @version $Id$
*/ */
@@ -23,7 +21,7 @@
* @param array $target values to * @param array $target values to
* @param boolean $sanitize prevent importing key names in $_import_blacklist * @param boolean $sanitize prevent importing key names in $_import_blacklist
*/ */
function PMA_gpc_extract($array, &$target, $sanitize = true) function PMA_recursive_extract($array, &$target, $sanitize = true)
{ {
if (! is_array($array)) { if (! is_array($array)) {
return false; return false;
@@ -48,7 +46,7 @@ function PMA_gpc_extract($array, &$target, $sanitize = true)
// another application, with the same name as this array // another application, with the same name as this array
unset($target[$key]); unset($target[$key]);
PMA_gpc_extract($array[$key], $target[$key], false); PMA_recursive_extract($array[$key], $target[$key], false);
} else { } else {
$target[$key] = $array[$key]; $target[$key] = $array[$key];
} }
@@ -82,11 +80,11 @@ $_import_blacklist = array(
); );
if (! empty($_GET)) { if (! empty($_GET)) {
PMA_gpc_extract($_GET, $GLOBALS); PMA_recursive_extract($_GET, $GLOBALS);
} }
if (! empty($_POST)) { if (! empty($_POST)) {
PMA_gpc_extract($_POST, $GLOBALS); PMA_recursive_extract($_POST, $GLOBALS);
} }
if (! empty($_FILES)) { if (! empty($_FILES)) {
@@ -105,13 +103,13 @@ if (! empty($_FILES)) {
*/ */
$server_vars = array('HTTP_ACCEPT_LANGUAGE', 'HTTP_AUTHORIZATION'); $server_vars = array('HTTP_ACCEPT_LANGUAGE', 'HTTP_AUTHORIZATION');
foreach ($server_vars as $current) { foreach ($server_vars as $current) {
// its not important HOW we detect html tags // it's not important HOW we detect html tags
// its more important to prevent XSS // it's more important to prevent XSS
// so its not important if we result in an invalid string, // so it's not important if we result in an invalid string,
// its even better than a XSS capable string // it's even better than a XSS capable string
if (PMA_getenv($current) && false === strpos(PMA_getenv($current), '<')) { if (PMA_getenv($current) && false === strpos(PMA_getenv($current), '<')) {
$$current = PMA_getenv($current); $$current = PMA_getenv($current);
// already importet by register_globals? // already imported by register_globals?
} elseif (! isset($$current) || false !== strpos($$current, '<')) { } elseif (! isset($$current) || false !== strpos($$current, '<')) {
$$current = ''; $$current = '';
} }