/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: func.php,v 1.38 2003/05/14 10:08:40 arino Exp $
+// $Id: func.php,v 1.39 2003/05/16 05:45:46 arino Exp $
//
// ʸ»úÎó¤¬InterWikiName¤«¤É¤¦¤«
http://ns1.php.gr.jp/pipermail/php-users/2003-January/012742.html
[PHP-users 12736] null byte attack
+
+2003-05-16: magic quotes gpc¤ÎÉü¸µ½èÍý¤òÅý¹ç
*/
-function sanitize_null_character($param)
+function sanitize($param)
{
if (is_array($param))
{
$result = array();
- foreach ($param as $key => $value)
+ foreach ($param as $key=>$value)
{
- $key = sanitize_null_character($key);
- $result[$key] = sanitize_null_character($value);
+ $key = str_replace("\0",'',$key);
+ $result[$key] = sanitize($value);
}
}
else
{
$result = str_replace("\0",'',$param);
+ if (get_magic_quotes_gpc())
+ {
+ $result = stripslashes($result);
+ }
}
return $result;
}