From 4730ce3242d014b5f484b153c23e2178e8beaba3 Mon Sep 17 00:00:00 2001
From: Robert Sesek
Date: Sat, 22 Jan 2005 22:36:23 +0000
Subject: [PATCH] Strip registered globals. Make _isso::sanitize _isso::unsanitize behave like they're magically escaping data if magic quotes is enabled.
---
 kernel.php | 36 ++++++++++++++++++++++++++++++++++--
 1 file changed, 34 insertions(+), 2 deletions(-)
diff --git a/kernel.php b/kernel.php
index fb3a0b7..aad9db9 100644
--- a/kernel.php
+++ b/kernel.php
@@ -14,6 +14,24 @@ define('ERR_FATAL', E_USER_ERROR);
 define('ERR_ERROR', E_USER_WARNING);
 define('ERR_WARNING', E_USER_NOTICE);
+if ((bool)ini_get('register_globals') === true)
+{
+ $superglobals = array('_GET', '_COOKIE', '_FILES', '_POST', '_SERVER', '_ENV');
+ foreach ($superglobals AS $global)
+ {
+ if (is_array(${$global}))
+ {
+ foreach (${$global} AS $_key => $_val)
+ {
+ if (isset(${$_key}))
+ {
+ unset(${$_key});
+ }
+ }
+ }
+ }
+}
+
 /**
 * Iris Studios Shared Object Framework (ISSO)
 *
@@ -307,7 +325,14 @@ class Shared_Object_Framework
 */
 function sanitize($text)
 {
- return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text);
+ if ($this->magicquotes)
+ {
+ return str_replace(array('<', '>', '\"', '"'), array('<', '>', '"', '"'), $text);
+ }
+ else
+ {
+ return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text);
+ }
 }
 /**
@@ -319,7 +344,14 @@ class Shared_Object_Framework
 */
 function unsanitize($text)
 {
- return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text);
+ if ($this->magicquotes)
+ {
+ return str_replace(array('<', '>', '"'), array('<', '>', '\"'), $text);
+ }
+ else
+ {
+ return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text);
+ }
 }
 /**
--
2.22.5
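Review bot: The inner loop of the register_globals block calls `unset(${$_key})` for every request key, with no exclusion for names the script itself depends on: the superglobal arrays, `GLOBALS`, and the loop's own `superglobals`, `global`, `_key` and `_val`. Assuming kernel.php is included at global scope, a request key that collides with one of those names can remove the very array the rest of the request relies on. Skip protected names before the `isset` check, e.g. `if (in_array($_key, $superglobals) || in_array($_key, array('GLOBALS', 'superglobals', 'global', '_key', '_val'))) { continue; }`. After the outer loop, `unset($superglobals, $global, $_key, $_val);` would keep the helper variables from lingering as globals.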
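Review bot: The magic-quotes branch of `sanitize()` undoes only `\"`, while magic_quotes_gpc also backslash-escapes single quotes, backslashes and NUL bytes, so those backslashes stay in the sanitized text; `unsanitize()` in the next hunk likewise restores only the double-quote escape. Starting the function with `$text = stripslashes($text);` under the `$this->magicquotes` check and then running the one three-element replacement would cover every escaped character and remove the duplicated branch. The replacement also leaves `&` and `'` untouched, so the result is not safe inside a single-quoted attribute; `htmlspecialchars($text, ENT_QUOTES)` handles both. The search and replacement arrays look identical on this page, presumably because the entities in the replacement array were decoded when the page was rendered.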
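Review bot: With `$this->magicquotes` set, `unsanitize()` puts a backslash before every double quote it restores, so text that held a bare `"` before `sanitize()` does not round-trip, and the angle brackets come back raw. The docblock above the function starts outside the hunk; it should state that the return value is unescaped markup that must not be echoed into HTML and that the added backslash does not replace the database layer's own escaping, for example `* Returns raw markup; with magic quotes on, double quotes come back as \"; escape again for HTML or SQL output`. If the backslash exists only for a later query, applying the escaping at the query call would be the safer place for it.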