From af6655596938066fcbf890486026bc5e78f996e3 Mon Sep 17 00:00:00 2001
From: Sebastian Mendel
Date: Sat, 26 Nov 2005 06:11:48 +0000
Subject: [PATCH] argh! now really!
---
 libraries/grab_globals.lib.php | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/libraries/grab_globals.lib.php b/libraries/grab_globals.lib.php
index f5fa35c40..916f0cd41 100644
--- a/libraries/grab_globals.lib.php
+++ b/libraries/grab_globals.lib.php
@@ -184,19 +184,16 @@ if ( $__redirect || ! defined( 'PMA_NO_VARIABLES_IMPORT' ) ) {
 } else {
- echo $goto . "-
\n";
- echo $_REQUEST['goto'] . "-
\n";
- echo $_GET['goto'] . "-
\n";
- echo $_POST['goto'] . "-
\n"; - // Security fix: disallow accessing serious server files via "?goto=" if ( isset( $_REQUEST['goto'] ) && strpos( $_REQUEST['goto'], '\\' ) !== false && strpos( $_REQUEST['goto'], '/' ) !== false ) { - unset( $_REQUEST['goto'], $_GET['goto'], $_POST['goto'] ); + unset( $_REQUEST['goto'], $_GET['goto'], $_POST['goto'], + $_COOKIE['goto'] ); } // end if - echo $_REQUEST['goto'] . "-
\n";
- echo $_GET['goto'] . "-
\n";
- echo $_POST['goto'] . "-
\n"; + + array_walk( $_SERVER, 'strip_tags' ); + array_walk( $_ENV, 'strip_tags' ); + } ?>
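Review bot: The two added calls `array_walk( $_SERVER, 'strip_tags' )` and `array_walk( $_ENV, 'strip_tags' )` do not sanitize anything: `array_walk` discards the callback's return value and `strip_tags` does not take its argument by reference (it also receives the array key as its second, allowed-tags argument), so both arrays are left unchanged. If the intent is to strip markup from these values, assign the result, e.g. `$_SERVER = array_map( 'strip_tags', $_SERVER );`, guarding non-string entries, and still escape at the point of output with `htmlspecialchars()`. Separately, the unchanged `goto` guard joins the backslash and slash tests with `&&`, so as written a value is unset only when it contains both characters; given the comment above it, `||` between the two `strpos()` tests looks like what was meant. The enclosing `if`/`else` starts outside the hunk.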