X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=includes%2FWebStart.php;h=71454f04568b96ad2d96f7f20912d25770fe55f5;hb=3b57bd5fcae51d924a65116d6ec07475cade4bac;hp=09f01c008b1ebbe275c942b4fb7c857b127c8d77;hpb=19a38526f390cfdc6a6061cc055fc7f13167bf03;p=lhc%2Fweb%2Fwiklou.git
diff --git a/includes/WebStart.php b/includes/WebStart.php
index 09f01c008b..71454f0456 100644
--- a/includes/WebStart.php
+++ b/includes/WebStart.php
@@ -26,41 +26,12 @@
* @file
*/
-# Protect against register_globals
+# Die if register_globals is enabled (PHP <=5.3)
# This must be done before any globals are set by the code
if ( ini_get( 'register_globals' ) ) {
- if ( isset( $_REQUEST['GLOBALS'] ) || isset( $_FILES['GLOBALS'] ) ) {
- die( ''
- . '$GLOBALS overwrite vulnerability' );
- }
-
- $verboten = array(
- 'GLOBALS',
- '_SERVER',
- 'HTTP_SERVER_VARS',
- '_GET',
- 'HTTP_GET_VARS',
- '_POST',
- 'HTTP_POST_VARS',
- '_COOKIE',
- 'HTTP_COOKIE_VARS',
- '_FILES',
- 'HTTP_POST_FILES',
- '_ENV',
- 'HTTP_ENV_VARS',
- '_REQUEST',
- '_SESSION',
- 'HTTP_SESSION_VARS'
- );
-
- foreach ( $_REQUEST as $name => $value ) {
- if ( in_array( $name, $verboten ) ) {
- header( "HTTP/1.1 500 Internal Server Error" );
- echo "register_globals security paranoia: trying to overwrite superglobals, aborting.";
- die( -1 );
- }
- unset( $GLOBALS[$name] );
- }
+ die( 'MediaWiki does not support installations where register_globals is enabled. '
+ . 'Please see mediawiki.org '
+ . 'for help on how to disable it.' );
}
# bug 15461: Make IE8 turn off content sniffing. Everybody else should ignore this