Permalink
Browse files

Final removal of grab_globals script

  • Loading branch information...
1 parent 9b45272 commit ef95bce35bddf3f01c6c6ad73d1fdac3816719a0 @lem9 lem9 committed Mar 27, 2012
View
7 libraries/common.inc.php
@@ -273,13 +273,6 @@
}
/**
- * include deprecated grab_globals only if required
- */
-if (empty($__redirect) && !defined('PMA_NO_VARIABLES_IMPORT')) {
- include './libraries/grab_globals.lib.php';
-}
-
-/**
* check timezone setting
* this could produce an E_STRICT - but only once,
* if not done here it will produce E_STRICT on every date/time function
View
92 libraries/grab_globals.lib.php
@@ -1,92 +0,0 @@
-<?php
-/* vim: set expandtab sw=4 ts=4 sts=4: */
-/**
- * This library grabs the names and values of the variables sent or posted to a
- * script in $_GET, $_POST and $_FILES superglobals and sets simple globals
- * variables from them. It does the same work for $HTTP_ACCEPT_LANGUAGE and
- * $HTTP_AUTHORIZATION.
- *
- * @package PhpMyAdmin
- */
-if (! defined('PHPMYADMIN')) {
- exit;
-}
-
-/**
- * copy values from one array to another, usually from a superglobal into $GLOBALS
- *
- * @param array $array values from
- * @param array &$target values to
- * @param bool $sanitize prevent importing key names in $_import_blacklist
- *
- * @return bool
- */
-function PMA_recursive_extract($array, &$target, $sanitize = true)
-{
- if (! is_array($array)) {
- return false;
- }
-
- if ($sanitize) {
- $valid_variables = preg_replace(
- $GLOBALS['_import_blacklist'], '', array_keys($array)
- );
- $valid_variables = array_unique($valid_variables);
- } else {
- $valid_variables = array_keys($array);
- }
-
- foreach ($valid_variables as $key) {
-
- if (strlen($key) === 0) {
- continue;
- }
-
- if (is_array($array[$key])) {
- // there could be a variable coming from a cookie of
- // another application, with the same name as this array
- unset($target[$key]);
-
- PMA_recursive_extract($array[$key], $target[$key], false);
- } else {
- $target[$key] = $array[$key];
- }
- }
- return true;
-}
-
-
-/**
- * @var array $_import_blacklist variable names that should NEVER be imported
- * from superglobals
- */
-$_import_blacklist = array(
- '/^cfg$/i', // PMA configuration
- '/^server$/i', // selected server
- '/^db$/i', // page to display
- '/^table$/i', // page to display
- '/^goto$/i', // page to display
- '/^back$/i', // the page go back
- '/^lang$/i', // selected language
- '/^collation_connection$/i', //
- '/^set_theme$/i', //
- '/^sql_query$/i', // the query to be executed
- '/^GLOBALS$/i', // the global scope
- '/^str.*$/i', // PMA localized strings
- '/^error_handler.*$/i', // the error handler
- '/^_.*$/i', // PMA does not use variables starting with _ from extern
- '/^.*\s+.*$/i', // no whitespaces anywhere
- '/^[0-9]+.*$/i', // numeric variable names
- //'/^PMA_.*$/i', // other PMA variables
-);
-
-//if (! empty($_GET)) {
-// PMA_recursive_extract($_GET, $GLOBALS);
-//}
-
-if (! empty($_POST)) {
- PMA_recursive_extract($_POST, $GLOBALS);
-}
-unset($_import_blacklist);
-
-?>
View
9 libraries/tbl_replace_fields.inc.php
@@ -15,22 +15,13 @@
* default is to advance to the field-value parsing. Will only be set to
* true when a binary file is uploaded, thus bypassing further manipulation of $val.
*
- * note: grab_globals has extracted the fields from _FILES or HTTP_POST_FILES
- *
- *
* @package PhpMyAdmin
*/
if (! defined('PHPMYADMIN')) {
exit;
}
/**
- * do not import request variable into global scope
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
-/**
* Gets some core libraries
*/
require_once './libraries/common.inc.php';
View
7 server_collations.php
@@ -6,13 +6,6 @@
*/
/**
- * no need for variables importing
- * @ignore
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
-/**
* requirements
*/
require_once 'libraries/common.inc.php';
View
8 server_engines.php
@@ -7,14 +7,6 @@
*/
/**
- * no need for variables importing
- * @ignore
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
-
-/**
* requirements
*/
require_once 'libraries/common.inc.php';
View
8 server_plugins.php
@@ -6,14 +6,6 @@
*/
/**
- * no need for variables importing
- * @ignore
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
-
-/**
* requirements
*/
require_once 'libraries/common.inc.php';
View
8 server_status.php
@@ -7,14 +7,6 @@
* @package PhpMyAdmin
*/
-/**
- * no need for variables importing
- * @ignore
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
-
if (isset($_REQUEST['ajax_request']) && $_REQUEST['ajax_request'] == true) {
$GLOBALS['is_header_sent'] = true;
}
View
7 server_variables.php
@@ -5,13 +5,6 @@
* @package PhpMyAdmin
*/
-/**
- * no need for variables importing
- * @ignore
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
require_once 'libraries/common.inc.php';
$GLOBALS['js_include'][] = 'server_variables.js';
View
8 tbl_chart.php
@@ -7,14 +7,6 @@
*/
/**
- * do not import request variable into global scope
- * @ignore
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
-
-/**
*
*/
require_once 'libraries/common.inc.php';
View
8 tbl_gis_visualization.php
@@ -5,14 +5,6 @@
* @package PhpMyAdmin
*/
-/**
- * do not import request variable into global scope
- * @ignore
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
-
require_once 'libraries/common.inc.php';
$GLOBALS['js_include'][] = 'openlayers/OpenLayers.js';
View
11 tbl_replace.php
@@ -12,17 +12,6 @@
*/
/**
- * do not import request variable into global scope
- *
- * cannot be used as long as it could happen that the $goto file that is included
- * at the end of this script is not updated to work without imported request variables
- *
- * @todo uncomment this if all possible included files to rely on import request variables
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
- */
-/**
* Gets some core libraries
*/
require_once 'libraries/common.inc.php';
View
8 tbl_row_action.php
@@ -6,14 +6,6 @@
* @package PhpMyAdmin
*/
-
-/**
- * do not globalize/import request variables
- * can only be enabled if all included files are switched superglobals too
- * but leave this here to show that this file is 'superglobalized'
-define('PMA_NO_VARIABLES_IMPORT', true);
- */
-
/**
*
*/
View
8 user_password.php
@@ -8,14 +8,6 @@
*/
/**
- * no need for variables importing
- * @ignore
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
-
-/**
* Gets some core libraries
*/
require_once './libraries/common.inc.php';
View
8 view_create.php
@@ -9,14 +9,6 @@
*/
/**
- * do not import request variable into global scope
- * @ignore
- */
-if (! defined('PMA_NO_VARIABLES_IMPORT')) {
- define('PMA_NO_VARIABLES_IMPORT', true);
-}
-
-/**
*
*/
require_once './libraries/common.inc.php';

0 comments on commit ef95bce

Please sign in to comment.