9

unsetglobals

unset_globals
SYNOPSIS

unset_globals()

DESCRIPTION

unset_globals clears a series of dangerous global variables set by PHP if the parameter register_globals is true. unset_globals is called very early by the bootstrap function.

NOTE: The Apache directive SetEnv REGISTER_GLOBALS 0 in .htaccess might be rejected and the call to init_set in settings.inc to set the PHP parameter register_globals to 0 might also be rejected.

CODE
  1. function unset_globals() {
  2.     if (ini_get('register_globals')) {
  3.         $allowed = array('_ENV', '_GET', '_POST', '_COOKIE', '_FILES', '_SERVER', '_REQUEST', 'GLOBALS');
  4.         foreach ($GLOBALS as $key => $value) {
  5.             if (!in_array($key, $allowed)) {
  6.                 unset($GLOBALS[$key]);
  7.             }
  8.         }
  9.     }
  10. }
SEE ALSO

engine

Comments

Your comment:
[p] [b] [i] [u] [s] [quote] [pre] [br] [code] [url] [email] strip help 2000

Enter a maximum of 2000 characters.
Improve the presentation of your text with the following formatting tags:
[p]paragraph[/p], [b]bold[/b], [i]italics[/i], [u]underline[/u], [s]strike[/s], [quote]citation[/quote], [pre]as is[/pre], [br]line break,
[url]http://www.izend.org[/url], [url=http://www.izend.org]site[/url], [email]izend@izend.org[/email], [email=izend@izend.org]izend[/email],
[code]command[/code], [code=language]source code in c, java, php, html, javascript, xml, css, sql, bash, dos, make, etc.[/code].