02-29-2008, 09:56 PM
|
#3 (permalink)
|
|
The Frequenter
Join Date: Apr 2005
Location: South UK
Posts: 483
Thanks: 51
|
Hi Marxx,
See below, I have added inline comments to your code:
PHP Code:
<?php
// The $HTTP_x_VARS superglobal array was replaced by $_POST, $_GET, etc a while
// ago. This block of code just checks to see if the $HTTP_x_VARS are set and if
// they aren't, it sets them using the new $_POST/GET/etc superglobals.
if (!isset($HTTP_POST_VARS) && isset($_POST))
{
$HTTP_POST_VARS = $_POST;
$HTTP_GET_VARS = $_GET;
$HTTP_SERVER_VARS = $_SERVER;
$HTTP_COOKIE_VARS = $_COOKIE;
$HTTP_ENV_VARS = $_ENV;
$HTTP_POST_FILES = $_FILES;
}
// Magic Quotes is a PHP settings that will automaticly escape quotes in input.
// For example, it will turn ' into \' which (in theory) makes it safe to put
// into a database (it doesn't).
//
// get_magic_quotes_gpc() checks if Magic Quotes are turned on or off. This
// block will only run if Magic Quotes is turned on (in php.ini)
if (get_magic_quotes_gpc())
{
// This block un-escapes the values - ie, \' would become '
if (!empty($_GET)) { $_GET = strip_magic_quotes($_GET); }
if (!empty($_POST)) { $_POST = strip_magic_quotes($_POST); }
if (!empty($_COOKIE)) { $_COOKIE = strip_magic_quotes($_COOKIE); }
}
// This block will only run if Magic Quotes are turned off
if( !get_magic_quotes_gpc() )
{
// Check that $HTTP_GET_VARS (aka, $_GET) contains some values
if( is_array($HTTP_GET_VARS) )
{
// ... Then loop through it
while( list($k, $v) = each($HTTP_GET_VARS) )
{
// ... If it find another array ...
if( is_array($HTTP_GET_VARS[$k]) )
{
// ... Then loop through it
while( list($k2, $v2) = each($HTTP_GET_VARS[$k]) )
{
// Use the addslashes() function to escape quotes (ie, ' becomes \')
$HTTP_GET_VARS[$k][$k2] = addslashes($v2);
}
@reset($HTTP_GET_VARS[$k]);
}
else
{
// Use the addslashes() function to escape quotes (ie, ' becomes \')
$HTTP_GET_VARS[$k] = addslashes($v);
}
}
// Arrays contain an internal 'pointer' which tells PHP what element
// in the array we are currnetly using - reset() just resets that back
// to 0
@reset($HTTP_GET_VARS);
}
// See above - it now does exactly the same for the $HTTP_POST_VARS / $_POST array
if( is_array($HTTP_POST_VARS) )
{
while( list($k, $v) = each($HTTP_POST_VARS) )
{
if( is_array($HTTP_POST_VARS[$k]) )
{
while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) )
{
$HTTP_POST_VARS[$k][$k2] = addslashes($v2);
}
@reset($HTTP_POST_VARS[$k]);
}
else
{
$HTTP_POST_VARS[$k] = addslashes($v);
}
}
@reset($HTTP_POST_VARS);
}
// And now for the $HTTP_COOKIE_VARS / $_COOKIE array
if( is_array($HTTP_COOKIE_VARS) )
{
while( list($k, $v) = each($HTTP_COOKIE_VARS) )
{
if( is_array($HTTP_COOKIE_VARS[$k]) )
{
while( list($k2, $v2) = each($HTTP_COOKIE_VARS[$k]) )
{
$HTTP_COOKIE_VARS[$k][$k2] = addslashes($v2);
}
@reset($HTTP_COOKIE_VARS[$k]);
}
else
{
$HTTP_COOKIE_VARS[$k] = addslashes($v);
}
}
@reset($HTTP_COOKIE_VARS);
}
}
Essentially, it just runs addslashes() on every post/get/cookie variable. I'm guessing that they where trying to do a catch-all security system to escape user input but this really isn't a good idea. You should generally filter/escape input on individual rules, not rely on a catch-all system like this 
Alan |
|
|
Join the friendly bunch on IRC...
What is happening in this code?
Linear Mode
