CSI: PHP

"Looking at your tweets I cannot even fathom what your job is. CSI:PHP?" — @grmpyprogrammer

No Register_globals, No Problem

| Comments

Today’s entry comes courtesy of CSI: PHP Investigator Westin Shafer.

“So I found this today in a commercial product that we purchased and I know you’ll want to pull your eyes out their sockets as I did when I found this. The script was originally written for php4 and now they’ve gone through the refactoring to make this php 5 compliant ::cough::. This script apparently relied on register_globals to be set (which most php apps at the time did). No problems, per-say, it was the trend back then… But now that PHP 5 is out and register_globals is no more, here’s this guys solution to fix the problem… Lazy like.

Who needs register globals when you can just mock up your own?”

1
2
3
4
5
6
7
8
9
10
11
<?php
function get_all_vars() {
    $array=array('_GET', '_POST', '_SESSION', '_COOKIE');
    foreach($array as $key => $var) {
        global $$var;
        foreach ($$var as $k => $v) {
            global $$k;
            $$k=$v;
        }
    }
}

Comments