Source for file magic_quotes_gpc.php

Documentation is available at magic_quotes_gpc.php

  1. <?php
  2. /**
  3. * Test Class for magic_quotes_gpc
  4. *
  5. * @package PhpSecInfo
  6. * @author Ed Finkler <coj@funkatron.com>
  7. */
  8.  
  9.  
  10.  
  11. /**
  12. * require the PhpSecInfo_Test_Core class
  13. */
  14. require_once('PhpSecInfo/Test/Test_Core.php');
  15.  
  16. /**
  17. * Test Class for magic_quotes_gpc
  18. *
  19. * @package PhpSecInfo
  20. */
  21. class PhpSecInfo_Test_Core_Magic_Quotes_GPC extends PhpSecInfo_Test_Core
  22. {
  23. /**
  24. * This should be a <b>unique</b>, human-readable identifier for this test
  25. *
  26. * @var string
  27. */
  28. var $test_name = "magic_quotes_gpc";
  29.  
  30.  
  31. var $recommended_value = FALSE;
  32.  
  33.  
  34. function _retrieveCurrentValue() {
  35. $this->current_value = $this->getBooleanIniValue('magic_quotes_gpc');
  36. }
  37.  
  38.  
  39. /**
  40. * magic_quotes_gpc has been removed since PHP 6.0
  41. *
  42. * @return boolean
  43. */
  44. function isTestable() {
  45. return version_compare(PHP_VERSION, '6', '<') ;
  46. }
  47.  
  48.  
  49. /**
  50. * Checks to see if allow_url_fopen is enabled
  51. *
  52. */
  53. function _execTest() {
  54. if ($this->current_value == $this->recommended_value) {
  55. return PHPSECINFO_TEST_RESULT_OK;
  56. }
  57.  
  58. return PHPSECINFO_TEST_RESULT_NOTICE;
  59. }
  60.  
  61.  
  62. /**
  63. * Set the messages specific to this test
  64. *
  65. */
  66. function _setMessages() {
  67. parent::_setMessages();
  68.  
  69.  
  70. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTRUN, 'en', 'You are running PHP 6 or later and magic_quotes_gpc has been removed');
  71. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_OK, 'en', 'magic_quotes_gpc is disabled, which is the recommended setting');
  72. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTICE, 'en', 'magic_quotes_gpc is enabled. This
  73. feature is inconsistent in blocking attacks, and can in some cases cause data loss with
  74. uploaded files. You should <i>not</i> rely on magic_quotes_gpc to block attacks. It is
  75. recommended that magic_quotes_gpc be disabled, and input filtering be handled by your PHP
  76. scripts');
  77. }
  78.  
  79.  
  80. }

Documentation generated on Fri, 06 Apr 2007 13:32:14 -0400 by phpDocumentor 1.3.0RC3