Menu
▾
▴
[mxbb-commits] mx_phpbb mx_phpbb.php,1.24,1.25
|
From: Florin C B. <ory...@us...> - 2010-10-09 20:51:44
|
Update of /cvsroot/mxbb/mx_phpbb In directory sfp-cvsdas-4.v30.ch3.sourceforge.com:/tmp/cvs-serv2192 Modified Files: mx_phpbb.php Log Message: Index: mx_phpbb.php =================================================================== RCS file: /cvsroot/mxbb/mx_phpbb/mx_phpbb.php,v retrieving revision 1.24 retrieving revision 1.25 diff -C2 -d -r1.24 -r1.25 *** mx_phpbb.php 24 Jan 2009 16:42:45 -0000 1.24 --- mx_phpbb.php 9 Oct 2010 20:51:36 -0000 1.25 *************** *** 35,38 **** --- 35,72 ---- $HTTP_POST_FILES = $_SESSION['mxbb_post_files']; + // + // addslashes to vars if magic_quotes_gpc is off + // this is a security precaution to prevent someone + // trying to break out of a SQL statement. + // If we are on PHP >= 6.0.0 we do not need some code + if (phpversion() >= '6.0.0-dev') + { + /** + * @ignore + */ + } + else if( !get_magic_quotes_gpc() ) + { + if( is_array($HTTP_POST_VARS) ) + { + while( list($k, $v) = each($HTTP_POST_VARS) ) + { + if( is_array($HTTP_POST_VARS[$k]) ) + { + while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) ) + { + $HTTP_POST_VARS[$k][$k2] = addslashes($v2); + } + @reset($HTTP_POST_VARS[$k]); + } + else + { + $HTTP_POST_VARS[$k] = addslashes($v); + } + } + @reset($HTTP_POST_VARS); + } + } + $default_lang = ($mx_user->lang['default_lang']) ? $mx_user->lang['default_lang'] : $board_config['default_lang']; |
