[gentoo-commits] gentoo-projects commit in forums/htdocs: common.php - gentoo-commits

From:	"Tom Knight (tomk)" <tomk@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-projects commit in forums/htdocs: common.php
Date:	Mon, 25 Feb 2013 10:39:11
Message-Id:	`20130225103907.2E6862171E@flycatcher.gentoo.org`

1

tomk        13/02/25 10:39:07

2

3

  Modified:             common.php

4

  Log:

5

  ensure code is compatible with php 5.4

6

7

Revision  Changes    Path

8

1.11                 forums/htdocs/common.php

9

10

file : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/forums/htdocs/common.php?rev=1.11&view=markup

11

plain: http://sources.gentoo.org/viewvc.cgi/gentoo-projects/forums/htdocs/common.php?rev=1.11&content-type=text/plain

12

diff : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/forums/htdocs/common.php?r1=1.10&r2=1.11

13

14

Index: common.php

15

===================================================================

16

RCS file: /var/cvsroot/gentoo-projects/forums/htdocs/common.php,v

17

retrieving revision 1.10

18

retrieving revision 1.11

19

diff -u -r1.10 -r1.11

20

--- common.php	25 Jun 2011 08:41:20 -0000	1.10

21

+++ common.php	25 Feb 2013 10:39:07 -0000	1.11

22

@@ -6,7 +6,7 @@

23

  *   copyright            : (C) 2001 The phpBB Group

24

  *   email                : support@×××××.com

25

*

26

- *   $Id: common.php,v 1.10 2011/06/25 08:41:20 desultory Exp $

27

+ *   $Id: common.php,v 1.11 2013/02/25 10:39:07 tomk Exp $

28

*

29

  ***************************************************************************/

30

31

@@ -26,14 +26,16 @@

32

33

//

34

 error_reporting  (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables

35

-set_magic_quotes_runtime(0); // Disable magic_quotes_runtime

36

+// 2013-02-25 tomk - set_magic_quotes_runtime() raises an E_CORE_ERROR in php 5.4

37

+//set_magic_quotes_runtime(0); // Disable magic_quotes_runtime

38

39

 // The following code (unsetting globals)

40

 // Thanks to Matt Kavanagh and Stefan Esser for providing feedback as well as patch files

41

42

 // PHP5 with register_long_arrays off?

43

-if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off'))

44

-{

45

+// 2013-02-25 tomk - register_globals and register_long_arrays php.ini directives have been removed in php 5.4

46

+//if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off'))

47

+//{

48

 	$HTTP_POST_VARS = $_POST;

49

 	$HTTP_GET_VARS = $_GET;

50

 	$HTTP_SERVER_VARS = $_SERVER;

51

@@ -46,7 +48,7 @@

52

{

53

 		$HTTP_SESSION_VARS = $_SESSION;

54

}

55

-}

56

+//}

57

58

 // Protect against GLOBALS tricks

59

 if (isset($HTTP_POST_VARS['GLOBALS']) || isset($HTTP_POST_FILES['GLOBALS']) || isset($HTTP_GET_VARS['GLOBALS']) || isset($HTTP_COOKIE_VARS['GLOBALS']))

60

@@ -60,6 +62,8 @@

61

 	die("Hacking attempt");

62

}

63

64

+// 2013-02-25 tomk - register_globals and register_long_arrays php.ini directives have been removed in php 5.4

65

+/*

66

 if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')

67

{

68

 	// PHP4+ path

69

@@ -95,14 +99,17 @@

70

71

 	unset($input);

72

}

73

+*/

74

75

//

76

 // addslashes to vars if magic_quotes_gpc is off

77

 // this is a security precaution to prevent someone

78

 // trying to break out of a SQL statement.

79

//

80

-if( !get_magic_quotes_gpc() )

81

-{

82

+// 2013-02-25 tomk - get_magic_quotes_gpc always returns FALSE as of php 5.4

83

+// so lets get rid of this call now as I guess they'll deprecate it at some point

84

+//if( !get_magic_quotes_gpc() )

85

+//{

86

 	if( is_array($HTTP_GET_VARS) )

87

{

88

 		while( list($k, $v) = each($HTTP_GET_VARS) )

89

@@ -162,7 +169,7 @@

90

}

91

 		@reset($HTTP_COOKIE_VARS);

92

}

93

-}

94

+//}

95

96

//

97

 // Define some basic configuration arrays this also prevents

1	tomk 13/02/25 10:39:07
2
3	Modified: common.php
4	Log:
5	ensure code is compatible with php 5.4
6
7	Revision Changes Path
8	1.11 forums/htdocs/common.php
9
10	file : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/forums/htdocs/common.php?rev=1.11&view=markup
11	plain: http://sources.gentoo.org/viewvc.cgi/gentoo-projects/forums/htdocs/common.php?rev=1.11&content-type=text/plain
12	diff : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/forums/htdocs/common.php?r1=1.10&r2=1.11
13
14	Index: common.php
15	===================================================================
16	RCS file: /var/cvsroot/gentoo-projects/forums/htdocs/common.php,v
17	retrieving revision 1.10
18	retrieving revision 1.11
19	diff -u -r1.10 -r1.11
20	--- common.php 25 Jun 2011 08:41:20 -0000 1.10
21	+++ common.php 25 Feb 2013 10:39:07 -0000 1.11
22	@@ -6,7 +6,7 @@
23	* copyright : (C) 2001 The phpBB Group
24	* email : support@×××××.com
25	*
26	- * $Id: common.php,v 1.10 2011/06/25 08:41:20 desultory Exp $
27	+ * $Id: common.php,v 1.11 2013/02/25 10:39:07 tomk Exp $
28	*
29	***************************************************************************/
30
31	@@ -26,14 +26,16 @@
32
33	//
34	error_reporting (E_ERROR \| E_WARNING \| E_PARSE); // This will NOT report uninitialized variables
35	-set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
36	+// 2013-02-25 tomk - set_magic_quotes_runtime() raises an E_CORE_ERROR in php 5.4
37	+//set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
38
39	// The following code (unsetting globals)
40	// Thanks to Matt Kavanagh and Stefan Esser for providing feedback as well as patch files
41
42	// PHP5 with register_long_arrays off?
43	-if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') \|\| @ini_get('register_long_arrays') == '0' \|\| strtolower(@ini_get('register_long_arrays')) == 'off'))
44	-{
45	+// 2013-02-25 tomk - register_globals and register_long_arrays php.ini directives have been removed in php 5.4
46	+//if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') \|\| @ini_get('register_long_arrays') == '0' \|\| strtolower(@ini_get('register_long_arrays')) == 'off'))
47	+//{
48	$HTTP_POST_VARS = $_POST;
49	$HTTP_GET_VARS = $_GET;
50	$HTTP_SERVER_VARS = $_SERVER;
51	@@ -46,7 +48,7 @@
52	{
53	$HTTP_SESSION_VARS = $_SESSION;
54	}
55	-}
56	+//}
57
58	// Protect against GLOBALS tricks
59	if (isset($HTTP_POST_VARS['GLOBALS']) \|\| isset($HTTP_POST_FILES['GLOBALS']) \|\| isset($HTTP_GET_VARS['GLOBALS']) \|\| isset($HTTP_COOKIE_VARS['GLOBALS']))
60	@@ -60,6 +62,8 @@
61	die("Hacking attempt");
62	}
63
64	+// 2013-02-25 tomk - register_globals and register_long_arrays php.ini directives have been removed in php 5.4
65	+/*
66	if (@ini_get('register_globals') == '1' \|\| strtolower(@ini_get('register_globals')) == 'on')
67	{
68	// PHP4+ path
69	@@ -95,14 +99,17 @@
70
71	unset($input);
72	}
73	+*/
74
75	//
76	// addslashes to vars if magic_quotes_gpc is off
77	// this is a security precaution to prevent someone
78	// trying to break out of a SQL statement.
79	//
80	-if( !get_magic_quotes_gpc() )
81	-{
82	+// 2013-02-25 tomk - get_magic_quotes_gpc always returns FALSE as of php 5.4
83	+// so lets get rid of this call now as I guess they'll deprecate it at some point
84	+//if( !get_magic_quotes_gpc() )
85	+//{
86	if( is_array($HTTP_GET_VARS) )
87	{
88	while( list($k, $v) = each($HTTP_GET_VARS) )
89	@@ -162,7 +169,7 @@
90	}
91	@reset($HTTP_COOKIE_VARS);
92	}
93	-}
94	+//}
95
96	//
97	// Define some basic configuration arrays this also prevents

Gentoo Archives: gentoo-commits