diff --git a/phpBB/common.php b/phpBB/common.php
index ea386978fb..31b45df68a 100644
--- a/phpBB/common.php
+++ b/phpBB/common.php
@@ -20,11 +20,6 @@ if (!defined('IN_PHPBB'))
 exit;
 }
-if (version_compare(PHP_VERSION, '5.4') < 0)
-{
- die('You are running an unsupported PHP version. Please upgrade to PHP 5.4.0 or higher before trying to install or update to phpBB 3.2');
-}
-
 require($phpbb_root_path . 'includes/startup.' . $phpEx);
 require($phpbb_root_path . 'phpbb/class_loader.' . $phpEx);
diff --git a/phpBB/includes/startup.php b/phpBB/includes/startup.php
index 5900016c39..66f85657a5 100644
--- a/phpBB/includes/startup.php
+++ b/phpBB/includes/startup.php
@@ -22,88 +22,15 @@ if (!defined('IN_PHPBB'))
 $level = E_ALL & ~E_NOTICE & ~E_DEPRECATED;
 error_reporting($level);
-/*
-* Remove variables created by register_globals from the global scope
-* Thanks to Matt Kavanagh
+/**
+* Minimum Requirement: PHP 5.4.0
 */
-function deregister_globals()
+if (version_compare(PHP_VERSION, '5.4') < 0)
 {
- $not_unset = array(
- 'GLOBALS' => true,
- '_GET' => true,
- '_POST' => true,
- '_COOKIE' => true,
- '_REQUEST' => true,
- '_SERVER' => true,
- '_SESSION' => true,
- '_ENV' => true,
- '_FILES' => true,
- 'phpEx' => true,
- 'phpbb_root_path' => true
- );
-
- // Not only will array_merge and array_keys give a warning if
- // a parameter is not an array, array_merge will actually fail.
- // So we check if _SESSION has been initialised.
- if (!isset($_SESSION) || !is_array($_SESSION))
- {
- $_SESSION = array();
- }
-
- // Merge all into one extremely huge array; unset this later
- $input = array_merge(
- array_keys($_GET),
- array_keys($_POST),
- array_keys($_COOKIE),
- array_keys($_SERVER),
- array_keys($_SESSION),
- array_keys($_ENV),
- array_keys($_FILES)
- );
-
- foreach ($input as $varname)
- {
- if (isset($not_unset[$varname]))
- {
- // Hacking attempt. No point in continuing.
- if (isset($_COOKIE[$varname]))
- {
- echo "Clear your cookies. ";
- }
- echo "Malicious variable name detected. Contact the administrator and ask them to disable register_globals.";
- exit;
- }
-
- unset($GLOBALS[$varname]);
- }
-
- unset($input);
+ die('You are running an unsupported PHP version. 
Please upgrade to PHP 5.4.0 or higher before trying to install or update to phpBB 3.2');
 }
+// Register globals and magic quotes have been dropped in PHP 5.4 so no need for extra checks
-// Register globals and magic quotes have been dropped in PHP 5.4
-if (version_compare(PHP_VERSION, '5.4.0-dev', '>='))
-{
- /**
- * @ignore
- */
- define('STRIP', false);
-}
-else
-{
- if (get_magic_quotes_runtime())
- {
- // Deactivate
- @set_magic_quotes_runtime(0);
- }
-
- // Be paranoid with passed vars
- if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get'))
- {
- deregister_globals();
- }
-
- define('STRIP', (get_magic_quotes_gpc()) ? true : false);
-}
 // In PHP 5.3.0 the error level has been raised to E_WARNING which causes problems
 // because we show E_WARNING errors and do not set a default timezone.
diff --git a/phpBB/phpbb/files/filespec.php b/phpBB/phpbb/files/filespec.php
index 2ff2a92c83..f1a32ef4a8 100644
--- a/phpBB/phpbb/files/filespec.php
+++ b/phpBB/phpbb/files/filespec.php
@@ -129,7 +129,7 @@ class filespec
 $this->class_initialized = true;
 $this->filename = $upload_ary['tmp_name'];
 $this->filesize = $upload_ary['size'];
- $name = (STRIP) ? stripslashes($upload_ary['name']) : $upload_ary['name'];
+ $name = $upload_ary['name'];
 $name = trim(utf8_basename($name));
 $this->realname = $this->uploadname = $name;
 $this->mimetype = $upload_ary['type'];
diff --git a/phpBB/phpbb/passwords/driver/md5_phpbb2.php b/phpBB/phpbb/passwords/driver/md5_phpbb2.php
index bd8cc51e5a..b38b041d6c 100644
--- a/phpBB/phpbb/passwords/driver/md5_phpbb2.php
+++ b/phpBB/phpbb/passwords/driver/md5_phpbb2.php
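Review bot: Removing both `define('STRIP', ...)` branches in includes/startup.php leaves the constant undefined, so any `STRIP` reference this diff does not touch (other core files, installed extensions) would on PHP 5.4–7.x resolve to the truthy string `'STRIP'`. A leftover `(STRIP) ? stripslashes($x) : $x` would then start stripping backslashes from request data, and on PHP 5.4–7.1 the only signal is an E_NOTICE, which the `~E_NOTICE` mask at the top of this hunk hides; on PHP 8 the same reference is a fatal Error. Whether such references remain cannot be seen from this page. Either confirm with a tree-wide search that none is left, or keep `define('STRIP', false);` under an `@deprecated` docblock for one release.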
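Review bot: With the `STRIP` branch gone in phpbb/files/filespec.php, the two consecutive assignments to `$name` are redundant and can be written as one line, `$name = trim(utf8_basename($upload_ary['name']));`. `$upload_ary` looks like a `$_FILES`-style entry, so `name` (and `type` on the last context line) would be client-supplied; a short comment such as `// client-supplied name: keep only the basename` would tell the next reader why `utf8_basename()` must stay. The enclosing method starts and ends outside the hunk, so any extension or content checks are not visible here.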
@@ -95,7 +95,7 @@ class md5_phpbb2 extends base
 // in phpBB2 passwords were used exactly as they were sent, with addslashes applied
 $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : '';
- $password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format;
+ $password_old_format = addslashes($password_old_format);
 $password_new_format = $this->request->variable('password', '', true);
 if ($super_globals_disabled)
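Review bot: The now-unconditional `addslashes()` in phpbb/passwords/driver/md5_phpbb2.php needs a why-comment, because escaping a password before hashing reads like a bug to anyone who does not know the phpBB2 history. Something like `// magic_quotes_gpc no longer exists on PHP >= 5.4, so always re-create the escaped form phpBB2 hashed` above the line would do. Separately, the context line casts `$_REQUEST['password']` with `(string)`, which turns an array-valued parameter into the literal `Array`; an `is_string()` guard there would be tighter, though this commit does not change that line. The method body starts and ends outside the hunk.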