Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Technique plus elegante (a condition que ca marche) de gere PHP6 sur la non gestion des magic quotes

Browse Source
This commit is contained in:
Laurent Destailleur 2008-01-06 13:04:06 +00:00
parent 7e71fe59f4
commit 46d979591a
3 changed files with 18 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/install/check.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2004-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2007 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005 Marc Barilley / Océbo <marc@ocebo.com>
*
* This program is free software; you can redistribute it and/or modify

17
htdocs/install/inc.php
View File

@ -122,30 +122,27 @@ else if (@is_writable("/")) define('SYSLOG_FILE','/dolibarr_install.log');
define('SYSLOG_FILE_NO_ERROR',1);
// Forcage du parametrage PHP magic_quots_gpc (Sinon il faudrait a chaque POST, conditionner
// Forcage du parametrage PHP magic_quotes_gpc et nettoyage des parametres
// (Sinon il faudrait a chaque POST, conditionner
// la lecture de variable par stripslashes selon etat de get_magic_quotes).
// En mode off (recommande il faut juste faire addslashes au moment d'un insert/update.
function stripslashes_deep($value)
{
return (is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value));
}
if(eregi('PHP/6', $_SERVER['SERVER_SOFTWARE']))
{
// magic_quotes_* plus prise en compte dans PHP6
}
else
//if (! eregi('PHP/6', $_SERVER['SERVER_SOFTWARE']))
if (function_exists('get_magic_quotes_gpc')) // magic_quotes_* plus pris en compte dans PHP6
{
if (get_magic_quotes_gpc())
{
$_GET = array_map('stripslashes_deep', $_GET);
$_POST = array_map('stripslashes_deep', $_POST);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_GET = array_map('stripslashes_deep', $_GET);
$_POST = array_map('stripslashes_deep', $_POST);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
@set_magic_quotes_runtime(0);
}
// Defini objet langs
$langs = new Translate('../langs',$conf);
$langs->setDefaultLang('auto');

16
htdocs/main.inc.php
View File

@ -33,17 +33,21 @@
// (Sinon il faudrait a chaque POST, conditionner
// la lecture de variable par stripslashes selon etat de get_magic_quotes).
// En mode off (recommande il faut juste faire addslashes au moment d'un insert/update.
@set_magic_quotes_runtime(0);
function stripslashes_deep($value)
{
return (is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value));
}
if (get_magic_quotes_gpc())
//if (! eregi('PHP/6', $_SERVER['SERVER_SOFTWARE']))
if (function_exists('get_magic_quotes_gpc')) // magic_quotes_* plus pris en compte dans PHP6
{
$_GET = array_map('stripslashes_deep', $_GET);
$_POST = array_map('stripslashes_deep', $_POST);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
if (get_magic_quotes_gpc())
{
$_GET = array_map('stripslashes_deep', $_GET);
$_POST = array_map('stripslashes_deep', $_POST);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
@set_magic_quotes_runtime(0);
}
// Filtre les GET et POST pour supprimer les SQL INJECTION