Skip to content
Browse files

Pass $filter to remove_slashes (thanks to juzna)

  • Loading branch information...
1 parent a366306 commit 83d82d6eee8be3cf92f18867838ba4164ff82a4d @vrana committed Jul 22, 2011
Showing with 5 additions and 4 deletions.
  1. +3 −3 adminer/include/bootstrap.inc.php
  2. +2 −1 adminer/include/functions.inc.php
View
6 adminer/include/bootstrap.inc.php
@@ -4,8 +4,8 @@
include "../adminer/include/coverage.inc.php";
// disable filter.default
-$filter = (!ereg('^(unsafe_raw)?$', ini_get("filter.default")) || ini_get("filter.default_flags"));
-if ($filter) {
+$filter = (!ereg('^(unsafe_raw)?$', ini_get("filter.default")));
+if ($filter || ini_get("filter.default_flags")) {
foreach (array('_GET', '_POST', '_COOKIE', '_SERVER') as $val) {
$unsafe = filter_input_array(constant("INPUT$val"), FILTER_UNSAFE_RAW);
if ($unsafe) {
@@ -39,7 +39,7 @@
}
// disable magic quotes to be able to use database escaping function
-remove_slashes(array(&$_GET, &$_POST, &$_COOKIE));
+remove_slashes(array(&$_GET, &$_POST, &$_COOKIE), $filter);
if (function_exists("set_magic_quotes_runtime")) { // removed in PHP 6
set_magic_quotes_runtime(false);
}
View
3 adminer/include/functions.inc.php
@@ -27,9 +27,10 @@ function escape_string($val) {
/** Disable magic_quotes_gpc
* @param array e.g. (&$_GET, &$_POST, &$_COOKIE)
+* @param bool whether to leave values as is
* @return null modified in place
*/
-function remove_slashes($process) {
+function remove_slashes($process, $filter = false) {
if (get_magic_quotes_gpc()) {
while (list($key, $val) = each($process)) {
foreach ($val as $k => $v) {

0 comments on commit 83d82d6

Please sign in to comment.
Something went wrong with that request. Please try again.