Menu
▾
▴
[mxbb-commits] core/install mx_install.php,1.79.2.2,1.79.2.3
|
From: OryNider <ory...@us...> - 2008-02-07 03:03:34
|
Update of /cvsroot/mxbb/core/install In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv20600 Modified Files: Tag: core28x mx_install.php Log Message: finished fixing mx_install Index: mx_install.php =================================================================== RCS file: /cvsroot/mxbb/core/install/mx_install.php,v retrieving revision 1.79.2.2 retrieving revision 1.79.2.3 diff -C2 -d -r1.79.2.2 -r1.79.2.3 *** mx_install.php 7 Feb 2008 01:34:59 -0000 1.79.2.2 --- mx_install.php 7 Feb 2008 03:03:25 -0000 1.79.2.3 *************** *** 74,78 **** error_reporting(E_ALL ^ E_NOTICE); error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables ! include($mx_root_path . 'modules/mx_shared/ErrorHandler/prepend.php'); // For nice error output // ================================================================================ --- 74,78 ---- error_reporting(E_ALL ^ E_NOTICE); error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables ! include($mx_root_path . "modules/mx_shared/ErrorHandler/prepend.$phpEx"); // For nice error output // ================================================================================ *************** *** 124,131 **** if (isset($not_unset[$varname])) { ! // Hacking attempt. No point in continuing unless it's a COOKIE ! if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) { ! //exit; //this will die is php5 save mode } else --- 124,131 ---- if (isset($not_unset[$varname])) { ! // Hacking attempt. No point in continuing unless it's a COOKIE //removed for mx_install: $varname !== 'GLOBALS' || ! if (isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS'])) { ! die("Hacking attempt. No point in continuing couse regiters globals can't be turned off plus you have save mode restrictions and there is no COOKIE."); } else *************** *** 172,178 **** --- 172,180 ---- } + // The following code (unsetting globals) // Thanks to Matt Kavanagh and Stefan Esser for providing feedback as well as patch files + // PHP5 with register_long_arrays off? if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off')) *************** *** 192,195 **** --- 194,198 ---- } + // Protect against GLOBALS tricks if (isset($HTTP_POST_VARS['GLOBALS']) || isset($HTTP_POST_FILES['GLOBALS']) || isset($HTTP_GET_VARS['GLOBALS']) || isset($HTTP_COOKIE_VARS['GLOBALS'])) *************** *** 204,241 **** } - if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') - { - // PHP4+ path - $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx'); - - // Not only will array_merge give a warning if a parameter - // is not an array, it will actually fail. So we check if - // HTTP_SESSION_VARS has been initialised. - if (!isset($HTTP_SESSION_VARS) || !is_array($HTTP_SESSION_VARS)) - { - $HTTP_SESSION_VARS = array(); - } - - // Merge all into one extremely huge array; unset - // this later - // - // Note! Since array_merge() destroys numerical keys - if the array is numerically indexed, the keys get reindexed in a continuous way - we use the + operator instead - // - $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES); - //$input = $HTTP_GET_VARS + $HTTP_POST_VARS + $HTTP_COOKIE_VARS + $HTTP_SERVER_VARS + $HTTP_SESSION_VARS + $HTTP_ENV_VARS + $HTTP_POST_FILES; - - unset($input['input']); - unset($input['not_unset']); - - while (list($var,) = @each($input)) - { - if (in_array($var, $not_unset)) - { - die('Hacking attempt!'); - } - unset($$var); - } - unset($input); - } // --- 207,210 ---- |
