Changeset View
Changeset View
Standalone View
Standalone View
branches/5.2.x/core/kernel/utility/http_query.php
Show First 20 Lines • Show All 630 Lines • ▼ Show 20 Line(s) | |||||
$this->_Params = kUtil::array_merge_recursive($this->_Params, Array ($key => $value_array)); | $this->_Params = kUtil::array_merge_recursive($this->_Params, Array ($key => $value_array)); | ||||
} | } | ||||
return $array; | return $array; | ||||
} | } | ||||
function StripSlashes($array) | function StripSlashes($array) | ||||
{ | { | ||||
static $magic_quotes = null; | |||||
if (!isset($magic_quotes)) { | |||||
$magic_quotes = get_magic_quotes_gpc(); | |||||
} | |||||
foreach ($array as $key => $value) { | foreach ($array as $key => $value) { | ||||
if (is_array($value)) { | if (is_array($value)) { | ||||
$array[$key] = $this->StripSlashes($value); | $array[$key] = $this->StripSlashes($value); | ||||
} | } | ||||
else { | else { | ||||
if ($magic_quotes) { | |||||
$value = stripslashes($value); | |||||
} | |||||
if (!$this->Application->isAdmin) { | if (!$this->Application->isAdmin) { | ||||
// TODO: always escape output instead of input | // TODO: always escape output instead of input | ||||
$value = kUtil::escape($value, kUtil::ESCAPE_HTML); | $value = kUtil::escape($value, kUtil::ESCAPE_HTML); | ||||
} | } | ||||
$array[$key] = $value; | $array[$key] = $value; | ||||
} | } | ||||
} | } | ||||
▲ Show 20 Lines • Show All 159 Lines • Show Last 20 Lines |