From 7837b2e934519f9abc0a923e3da3189962141c2b Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sat, 19 Sep 2020 14:27:38 -0400 Subject: [PATCH] Remove magic_quotes and register_globals support. --- framework/kernel.php | 80 ++++---------------------------------------- 1 file changed, 6 insertions(+), 74 deletions(-) diff --git a/framework/kernel.php b/framework/kernel.php index 8c5513f..fa72d08 100644 --- a/framework/kernel.php +++ b/framework/kernel.php @@ -26,12 +26,6 @@ * @package ISSO */ -if (!function_exists('version_compare')) -{ - trigger_error('You need PHP version 4.1.0 or newer to run ISSO', E_USER_ERROR); - exit; -} - // when we are PHP5-nat instead of PHP5-compat, we can remove this if (version_compare(PHP_VERSION, '5.0.0', '>=')) { @@ -45,24 +39,6 @@ if (version_compare(PHP_VERSION, '5.0.0', '>=')) } } -if ((bool)ini_get('register_globals') === true) -{ - $superglobals = array('_GET', '_COOKIE', '_FILES', '_POST', '_SERVER', '_ENV'); - foreach ($superglobals AS $global) - { - if (is_array(${$global})) - { - foreach (${$global} AS $_key => $_val) - { - if (isset(${$_key})) - { - unset(${$_key}); - } - } - } - } -} - $oldlevel = ini_get('error_reporting'); $newlevel = $oldlevel; $levels = array(E_ERROR => E_USER_ERROR, E_WARNING => E_USER_WARNING, E_NOTICE => E_USER_NOTICE); @@ -233,13 +209,6 @@ class ISSO */ var $in = array(); - /** - * If we are running with magic_quotes_gpc on or off - * @var int - * @access private - */ - var $magicquotes = 0; - // ################################################################### /** * Constructor @@ -251,14 +220,6 @@ class ISSO // error reporting set_error_handler(array(&$this, '_error_handler')); - // magic quotes - $this->magicquotes = get_magic_quotes_gpc(); - set_magic_quotes_runtime(0); - - // some debug info that's always useful - $this->debug('magic_quotes_gpc = ' . $this->magicquotes); - $this->debug('register_globals = ' . ini_get('register_globals')); - // attempt to set the sourcepath $path = call_user_func('debug_backtrace'); $this->setSourcePath(str_replace('kernel.php', '', $path[0]['file'])); @@ -831,10 +792,6 @@ class ISSO } else { - if ($this->magicquotes) - { - $value = str_replace("\'", "'", $value); - } $data["$key"] = $this->sanitize($value); } } @@ -853,14 +810,7 @@ class ISSO */ function sanitize($text) { - if ($this->magicquotes) - { - return str_replace(array('<', '>', '\"', '"'), array('<', '>', '"', '"'), $text); - } - else - { - return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text); - } + return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text); } // ################################################################### @@ -905,28 +855,17 @@ class ISSO * @access public * * @param string Some string - * @param bool Force magic quotes to be off + * @param bool ignored * * @return string String that has slashes added */ function escape($str, $force = true) { - if ($this->magicquotes AND !$force) - { - if (isset($this->modules[ISSO_DB_LAYER])) - { - return $this->modules[ISSO_DB_LAYER]->escape_string(str_replace(array("\'", '\"'), array("'", '"'), $str)); - } - return $str; - } - else + if (isset($this->modules[ISSO_DB_LAYER])) { - if (isset($this->modules[ISSO_DB_LAYER])) - { - return $this->modules[ISSO_DB_LAYER]->escape_string($str); - } - return addslashes($str); + return $this->modules[ISSO_DB_LAYER]->escape_string($str); } + return addslashes($str); } // ################################################################### @@ -1054,14 +993,7 @@ class ISSO } else if ($type == TYPE_NOCLEAN) { - if ($this->magicquotes) - { - $value = str_replace(array('\"', "\'"), array('"', "'"), $value); - } - else - { - $value = $value; - } + $value = $value; } else if ($type == TYPE_BIN) { -- 2.43.5