|
@@ -276,9 +276,12 @@ if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
|
|
|
* QUERY_STRING also needs the same treatment since it is
|
|
* QUERY_STRING also needs the same treatment since it is
|
|
|
* used in php_self().
|
|
* used in php_self().
|
|
|
*/
|
|
*/
|
|
|
-$_SERVER['REQUEST_URI'] = htmlspecialchars($_SERVER['REQUEST_URI']);
|
|
|
|
|
-$_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']);
|
|
|
|
|
-$_SERVER['QUERY_STRING'] = htmlspecialchars($_SERVER['QUERY_STRING']);
|
|
|
|
|
|
|
+if (isset($_SERVER['REQUEST_URI']))
|
|
|
|
|
+ $_SERVER['REQUEST_URI'] = htmlspecialchars($_SERVER['REQUEST_URI']);
|
|
|
|
|
+if (isset($_SERVER['PHP_SELF']))
|
|
|
|
|
+ $_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']);
|
|
|
|
|
+if (isset($_SERVER['QUERY_STRING']))
|
|
|
|
|
+ $_SERVER['QUERY_STRING'] = htmlspecialchars($_SERVER['QUERY_STRING']);
|
|
|
|
|
|
|
|
$PHP_SELF = php_self();
|
|
$PHP_SELF = php_self();
|
|
|
|
|
|
pdontthink