mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-31 03:29:23 +02:00
Code Issues Releases Wiki Activity

#i101

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@8127 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann 2007-10-03 19:20:49 +00:00
parent 7a942662d9
commit 4f094bdb48
1 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
phpBB/common.php
View File

@ -65,8 +65,26 @@ function deregister_globals()
{
if (isset($not_unset[$varname]))
{
// Hacking attempt. No point in continuing.
exit;
// Hacking attempt. No point in continuing unless it's a COOKIE
if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS']))
{
exit;
}
else
{
$cookie = &$_COOKIE;
while (isset($cookie['GLOBALS']))
{
foreach ($cookie['GLOBALS'] as $registered_var => $value)
{
if (!isset($not_unset[$registered_var]))
{
unset($GLOBALS[$registered_var]);
}
}
$cookie = &$cookie['GLOBALS'];
}
}
}
unset($GLOBALS[$varname]);