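<?php

// Experiment: see whether we can correct the magic quotes centrally.
//
// This file re-creates the old "magic quotes" behaviour by running addslashes()
// over the values of the request superglobals, and provides a few helpers for
// undoing that and for neutralising markup in user-supplied content.
//
// Security notes for maintainers:
//  - addslashes() is not charset-aware and is not a substitute for prepared
//    statements or the database driver's own escaping. Treat the escaping done
//    here as legacy compatibility, not as SQL-injection protection.
//  - Only array VALUES are escaped; request-supplied array KEYS are left as-is.
//  - Escaped values still have to be encoded for the output context (HTML,
//    attribute, URL, ...) at the point where they are printed.

/**
 * Recursively apply addslashes() to every value of an array.
 *
 * Keys are preserved and are not escaped. Nested arrays are processed
 * depth-first through recursion.
 *
 * @param array $array values to escape (typically a request superglobal)
 *
 * @return array the same structure with every leaf value passed through addslashes()
 */
function addSlashesArray($array)
{
    foreach ($array as $key => $val) {
        // Recurse into nested arrays such as name[]=... form fields.
        $array[$key] = is_array($val) ? addSlashesArray($val) : addslashes($val);
    }

    return $array;
}

/**
 * array_walk_recursive() callback: strip one level of backslash escaping in place.
 *
 * @param string $value leaf value, modified by reference
 * @param mixed  $key   unused, required by the callback signature
 *
 * @return void
 */
function removeSlashes(&$value, $key)
{
    $value = stripslashes($value);
}

/**
 * Recursively undo addSlashesArray() on the values of an array.
 *
 * The array is received by value, so the caller's copy is untouched and the
 * unescaped copy is returned.
 *
 * @param array $array values to unescape
 *
 * @return array the same structure with every leaf value passed through stripslashes()
 */
function stripSlashesArray($array)
{
    array_walk_recursive($array, 'removeSlashes');

    return $array;
}

// Emulate magic quotes on every request superglobal. $_REQUEST is escaped
// independently of $_GET/$_POST/$_COOKIE, so each value is escaped exactly once.
$_POST = addSlashesArray($_POST);
$_GET = addSlashesArray($_GET);
$_REQUEST = addSlashesArray($_REQUEST);
$_COOKIE = addSlashesArray($_COOKIE);

/**
 * HTML-encode a string, or every key and value of a (nested) array.
 *
 * The flags are passed explicitly so that single quotes are encoded on every
 * PHP version: before PHP 8.1 the default flag set (ENT_COMPAT) left "'"
 * untouched, which is unsafe when the result is placed in a single-quoted
 * attribute. The explicit flags match the PHP 8.1+ default.
 *
 * This is output encoding for HTML text and quoted attribute values only; it
 * does not make a value safe inside a script block, a URL or a style attribute.
 *
 * @param string|array $string value to encode
 *
 * @return string|array the encoded string, or an array with encoded keys and values
 */
function removeXss($string)
{
    if (is_array($string)) {
        $return = array();
        foreach ($string as $key => $val) {
            // Keys are attacker-controlled too, so they are encoded as well.
            $return[removeXss($key)] = removeXss($val);
        }

        return $return;
    }
    //$string = preg_replace('/<script/im','<script',$string);

    return htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401);
}

/**
 * Break up "<script" and a fixed list of inline event-handler attribute names.
 *
 * Matching is case-insensitive and the replacements are applied in the listed
 * order. This is a deny-list: it only covers the names listed below, so it must
 * not be the sole XSS control for content that is rendered as HTML. Prefer
 * context-aware output encoding (see removeXss()) or an allow-list HTML
 * sanitiser where markup has to be accepted.
 *
 * @param string $content HTML fragment to neutralise
 *
 * @return string the content with the listed tokens split by a space
 */
function disableJavascript($content)
{
    ## disallow Javascript
    $replacements = array(
        '<script'      => '< script',
        'onmouseenter' => 'on mouse enter',
        'onmouseover'  => 'on mouse over',
        'onmouseout'   => 'on mouse out',
        'onmousemove'  => 'on mouse move',
        'onmousedown'  => 'on mouse down',
        'onclick'      => 'on click',
        'ondblclick'   => 'on dbl click',
        'onload'       => 'on load',
        'onunload'     => 'on unload',
        'onerror'      => 'on error',
        'onresize'     => 'on resize',
        // Was 'on blue' (typo); the intent is the same split as the other names.
        'onblur'       => 'on blur',
        'onchange'     => 'on change',
        'onfocus'      => 'on focus',
        'onselect'     => 'on select',
        'onsubmit'     => 'on submit',
        'onreset'      => 'on reset',
        'onkeyup'      => 'on keyup',
        'onkeydown'    => 'on keydown',
        'ontoggle'     => 'on toggle',
        'onafterprint' => 'on afterprint',
    );

    // With array arguments str_ireplace() applies the pairs one after another,
    // which is equivalent to the chained single-token calls.
    return str_ireplace(array_keys($replacements), array_values($replacements), $content);
}

/*
// Debug aid only: the values below are printed without HTML encoding, so do
// not enable this on an installation that is reachable by untrusted clients.
foreach ($_POST as $key => $val) {
    print "POST: $key = $val<br/>";
}
foreach ($_GET as $key => $val) {
    print "GET: $key = $val<br/>";
}
foreach ($_REQUEST as $key => $val) {
    print "REQ: $key = $val<br/>";
}
foreach ($_COOKIE as $key => $val) {
    print "COOKIE: $key = $val<br/>";
}
*/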