3 // vim: expandtab sw=4 ts=4 sts=4:
7 * This library grabs the names and values of the variables sent or posted to a
8 * script in the '$HTTP_*_VARS' / $_* arrays and sets simple globals variables
9 * from them. It does the same work for the $PHP_SELF variable.
11 * loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
13 if (!defined('PMA_GRAB_GLOBALS_INCLUDED')) {
14 define('PMA_GRAB_GLOBALS_INCLUDED', 1);
16 function PMA_gpc_extract($array, &$target) {
17 if (!is_array($array)) {
20 $is_magic_quotes = get_magic_quotes_gpc();
22 while (list($key, $value) = each($array)) {
23 if (is_array($value)) {
24 PMA_gpc_extract($value, $target[$key]);
25 } else if ($is_magic_quotes) {
26 $target[$key] = stripslashes($value);
28 $target[$key] = $value;
36 PMA_gpc_extract($_GET, $GLOBALS);
37 } else if (!empty($HTTP_GET_VARS)) {
38 PMA_gpc_extract($HTTP_GET_VARS, $GLOBALS);
42 PMA_gpc_extract($_POST, $GLOBALS);
43 } else if (!empty($HTTP_POST_VARS)) {
44 PMA_gpc_extract($HTTP_POST_VARS, $GLOBALS);
47 if (!empty($_FILES)) {
48 while (list($name, $value) = each($_FILES)) {
49 $
$name = $value['tmp_name'];
50 $
{$name . '_name'} = $value['name'];
52 } else if (!empty($HTTP_POST_FILES)) {
53 while (list($name, $value) = each($HTTP_POST_FILES)) {
54 $
$name = $value['tmp_name'];
55 $
{$name . '_name'} = $value['name'];
59 if (!empty($_SERVER) && isset($_SERVER['PHP_SELF'])) {
60 $PHP_SELF = $_SERVER['PHP_SELF'];
61 } else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['PHP_SELF'])) {
62 $PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];
65 // Securety fix: disallow accessing serious server files via "?goto="
66 if (isset($goto) && strpos(' ' . $goto, '/') > 0 && substr($goto, 0, 2) != './') {
70 } // $__PMA_GRAB_GLOBALS_LIB__