From bf1f91244a23e80af109e0860af9a48d126213ec Mon Sep 17 00:00:00 2001
From: Sean Colombo <sean_colombo@users.mediawiki.org>
Date: Fri, 16 Sep 2011 20:31:37 +0000
Subject: [PATCH] Additional register_globals vulnerability check. Merged in
 from big Wikia merge: http://www.mediawiki.org/wiki/Wikia_code

---
 includes/WebStart.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/includes/WebStart.php b/includes/WebStart.php
index 6cfb4722f9..17f8216bab 100644
--- a/includes/WebStart.php
+++ b/includes/WebStart.php
@@ -26,7 +26,7 @@
 # Protect against register_globals
 # This must be done before any globals are set by the code
 if ( ini_get( 'register_globals' ) ) {
-	if ( isset( $_REQUEST['GLOBALS'] ) ) {
+	if ( isset( $_REQUEST['GLOBALS'] ) || isset( $_FILES['GLOBALS'] ) ) {
 		die( '<a href="http://www.hardened-php.net/globals-problem">$GLOBALS overwrite vulnerability</a>');
 	}
 	$verboten = array(
-- 
2.20.1