// We actually don't want slashes in $_GET... just entities - which serve the same purpose.
if (get_magic_quotes_gpc() != 0)
$_SERVER['REQUEST_URI'] = stripslashes($_SERVER['REQUEST_URI']);
// Remove the .html, assuming there is one.
// Remove the .html, assuming there is one.
// If magic_quotes_gpc isn't off, remove the slashes from the get variables. (they're gonna be html'd anyway.)
if (get_magic_quotes_gpc() != 0)
$_SERVER['QUERY_STRING'] = stripslashes($_SERVER['QUERY_STRING']);
// Replace ';' with '&' and '&something&' with '&something=&'. (this is done for compatibility...)
// Replace ';' with '&' and '&something&' with '&something=&'. (this is done for compatibility...)
$_SERVER = addslashes__recursive($_SERVER);
// FILES work like this: k -> name -> array. So be careful.
foreach ($_FILES as $k => $dummy)
$_FILES[$k]['name'] = addslashes__recursive($_FILES[$k]['name']);
}
// FILES work like this: k -> name -> array. So be careful.
foreach ($_FILES as $k => $dummy)
$_FILES[$k]['name'] = addslashes__recursive($_FILES[$k]['name']);
}
// Take care of the server variables.
$_SERVER = addslashes__recursive($_SERVER);
if (empty($_SERVER['HTTP_USER_AGENT']))
$_SERVER['HTTP_USER_AGENT'] = '';
$_SERVER['HTTP_USER_AGENT'] = isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars(stripslashes($_SERVER['HTTP_USER_AGENT']), ENT_QUOTES) : '';
// Some final checking.
if (preg_match('~^((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5])$~', $_SERVER['REMOTE_ADDR']) === 0)
$_SERVER['REMOTE_ADDR'] = '';
SMF 1.0.6 15 January 2006
================================================================================
December 2005:
--------------------------------------------------------------------------------
SMF 1.0.7 29 March 2006
================================================================================
March 2005:
--------------------------------------------------------------------------------
! Added an extra check on the HTTP_X_FORWARDED_FOR input variable. (QueryString.php)
! Limit the number of words that can be searched for a little bit. (Search.php)
! Prevent users from voting more than once in a poll. (Poll.php)