From 6e47c0be5c3b59cedbda8da8d708e69534964de2 Mon Sep 17 00:00:00 2001 From: thomascube Date: Mon, 3 Nov 2008 07:44:33 +0000 Subject: Handle magic_quotes on runtime and remove them from the requirements list (#1485285) --- INSTALL | 2 -- installer/welcome.html | 1 - program/include/main.inc | 5 ++++- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/INSTALL b/INSTALL index 2a68dc8d6..0c3b05dee 100644 --- a/INSTALL +++ b/INSTALL @@ -21,8 +21,6 @@ REQUIREMENTS - memory_limit (increase as suitable to support large attachments) - file_uploads enabled (for attachment upload features) - session.auto_start disabled - - magic_quotes_gpc disabled - - magic_quotes_sybase disabled - zend.ze1_compatibility_mode disabled * PHP compiled with OpenSSL to connect to IMAPS and to use the spell checker * A MySQL or PostgreSQL database engine or the SQLite extension for PHP diff --git a/installer/welcome.html b/installer/welcome.html index bfec23337..0c6805a11 100644 --- a/installer/welcome.html +++ b/installer/welcome.html @@ -22,7 +22,6 @@
  • error_reporting E_ALL & ~E_NOTICE (or lower)
  • file_uploads on (for attachment upload features)
  • session.auto_start needs to be off
    • -
  • magic_quotes_gpc off
  • A MySQL or PostgreSQL database engine or the SQLite extension for PHP
    • diff --git a/program/include/main.inc b/program/include/main.inc index 8eb2c81f5..4ed25afaf 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -420,8 +420,11 @@ function get_input_value($fname, $source, $allow_html=FALSE, $charset=NULL) $value = $_COOKIE[$fname]; } + // strip single quotes if magic_quotes_sybase is enabled + if (ini_get('magic_quotes_sybase')) + $value = str_replace("''", "'", $value); // strip slashes if magic_quotes enabled - if ((bool)get_magic_quotes_gpc()) + else if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) $value = stripslashes($value); // remove HTML tags if not allowed -- cgit v1.2.3