aboutsummaryrefslogtreecommitdiffstats
path: root/include/common.inc.php
diff options
context:
space:
mode:
authorrvelices <rv-github@modusoptimus.com>2008-10-18 00:45:45 +0000
committerrvelices <rv-github@modusoptimus.com>2008-10-18 00:45:45 +0000
commit90be9fbb84623095a360cfa6e9c1955a891eeba5 (patch)
tree0b61f9e6a0372b6662866a3bd0dd9b746b0f430a /include/common.inc.php
parentfaa543851ba9fc25ffb0d25a7876d4486757f21a (diff)
- merge rev 2765,2769 from branch 2.0
* 2765 mysql potential injection paranoia + code compaction in common.inc.php * 2769 added an image sort order by privacy level (admins only) * 2769 fix an IE6 display issue with quick search on index page git-svn-id: http://piwigo.org/svn/trunk@2770 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--include/common.inc.php61
1 files changed, 9 insertions, 52 deletions
diff --git a/include/common.inc.php b/include/common.inc.php
index cbe1d6d89..0b1a2b581 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -36,64 +36,21 @@ set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
//
if( !get_magic_quotes_gpc() )
{
+ function sanitize_mysql_kv(&$v, $k)
+ {
+ $v = addslashes($v);
+ }
if( is_array( $_GET ) )
{
- while( list($k, $v) = each($_GET) )
- {
- if( is_array($_GET[$k]) )
- {
- while( list($k2, $v2) = each($_GET[$k]) )
- {
- $_GET[$k][$k2] = addslashes($v2);
- }
- @reset($_GET[$k]);
- }
- else
- {
- $_GET[$k] = addslashes($v);
- }
- }
- @reset($_GET);
+ array_walk_recursive( $_GET, 'sanitize_mysql_kv' );
}
-
- if( is_array($_POST) )
+ if( is_array( $_POST ) )
{
- while( list($k, $v) = each($_POST) )
- {
- if( is_array($_POST[$k]) )
- {
- while( list($k2, $v2) = each($_POST[$k]) )
- {
- $_POST[$k][$k2] = addslashes($v2);
- }
- @reset($_POST[$k]);
- }
- else
- {
- $_POST[$k] = addslashes($v);
- }
- }
- @reset($_POST);
+ array_walk_recursive( $_POST, 'sanitize_mysql_kv' );
}
-
- if( is_array($_COOKIE) )
+ if( is_array( $_COOKIE ) )
{
- while( list($k, $v) = each($_COOKIE) )
- {
- if( is_array($_COOKIE[$k]) )
- {
- while( list($k2, $v2) = each($_COOKIE[$k]) )
- {
- $_COOKIE[$k][$k2] = addslashes($v2);
- }
- @reset($_COOKIE[$k]);
- }
- else
- {
- $_COOKIE[$k] = addslashes($v);
- }
- }
- @reset($_COOKIE);
+ array_walk_recursive( $_COOKIE, 'sanitize_mysql_kv' );
}
}
if ( !empty($_SERVER["PATH_INFO"]) )