* change for filter super vars.

2015-11-04 14:17:20 +08:00
parent 394a407ec0
commit 513c49f855
2 changed files with 69 additions and 3 deletions
--- a/framework/helper.class.php
+++ b/framework/helper.class.php
@@ -4,7 +4,7 @@
 *
 * The author disclaims copyright to this source code.  In place of
 * a legal notice, here is a blessing:
- * 
+ *
 *  May you do good and not evil.
 *  May you find forgiveness for yourself and forgive others.
 *  May you share freely, never taking more than you give.
@@ -57,6 +57,7 @@ class helper
     * @param string       $methodName     method name
     * @param string|array $vars           the params passed to the method, can be array('key' => 'value') or key1=value1&key2=value2) or key1=value1&key2=value2
     * @param string       $viewType       the view type
+     * @param string       $onlybody       the view type
     * @static
     * @access public
     * @return string the link string.
@@ -615,3 +616,52 @@ function isonlybody()
 {
    return (isset($_GET['onlybody']) and $_GET['onlybody'] == 'yes');
 }
+
+/**
+ * Process evil params.
+ * 
+ * @param  string    $value 
+ * @access public
+ * @return void
+ */
+function processEvil($value)
+{
+    if(strpos(htmlspecialchars_decode($value), '<?') !== false)
+    {
+        $value       = (string) $value;
+        $evils       = array('eval', 'exec', 'passthru', 'proc_open', 'shell_exec', 'system', '$$', 'include', 'require', 'assert');
+        $gibbedEvils = array('e v a l', 'e x e c', ' p a s s t h r u', ' p r o c _ o p e n', 's h e l l _ e x e c', 's y s t e m', '$ $', 'i n c l u d e', 'r e q u i r e', 'a s s e r t');
+        return str_ireplace($evils, $gibbedEvils, $value);
+    }
+    return $value;
+}
+
+/**
+ * Process array evils.
+ * 
+ * @param  array    $params 
+ * @access public
+ * @return array
+ */
+function processArrayEvils($params)
+{
+    $params = (array) $params;
+    foreach($params as $item => $values)
+    {
+        if(!is_array($values))
+        {
+            $params[$item] = processEvil($values);
+            if(processEvil($item) != $item) unset($params[$item]);
+        }
+        else
+        {
+            foreach($values as $key => $value)
+            {
+                if(is_array($value)) continue;
+                $params[$item][$key] = processEvil($value);
+                if(processEvil($key) != $key) unset($params[$item][$key]);
+            }
+        }
+    }
+    return $params;
+}
--- a/framework/router.class.php
+++ b/framework/router.class.php
@@ -4,7 +4,7 @@
 *
 * The author disclaims copyright to this source code.  In place of
 * a legal notice, here is a blessing:
- * 
+ *
 *  May you do good and not evil.
 *  May you find forgiveness for yourself and forgive others.
 *  May you share freely, never taking more than you give.
@@ -12,7 +12,7 @@

 /**
 * The router class.
- * 
+ *
 * @package framework
 */
 class router
@@ -292,6 +292,7 @@ class router
        $this->setModuleRoot();
        $this->setThemeRoot();

+        $this->filterSuperVars();
        $this->setSuperVars();

        $this->loadConfig('common');
@@ -468,6 +469,21 @@ class router
        $this->themeRoot = $this->appRoot . 'www' . $this->pathFix . 'theme' . $this->pathFix;
    }

+    /**
+     * Filter superVars.
+     * 
+     * @access public
+     * @return void
+     */
+    public function filterSuperVars()
+    {
+        $_POST   = processArrayEvils($_POST);
+        $_GET    = processArrayEvils($_GET);
+        $_COOKIE = processArrayEvils($_COOKIE);
+        unset($_GLOBALS);
+        unset($_REQUEST);
+    }
+
    /**
     * Set the super vars.
     *