Fix #3004
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index df5fa3b..4f625b1 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -65,6 +65,57 @@
*/
require_once(BASEPATH.'core/Common.php');
+
+/*
+ * ------------------------------------------------------
+ * Security procedures
+ * ------------------------------------------------------
+ */
+
+if ( ! is_php('5.4'))
+{
+ ini_set('magic_quotes_runtime', 0);
+
+ if ((bool) ini_get('register_globals'))
+ {
+ $_protected = array(
+ '_SERVER',
+ '_GET',
+ '_POST',
+ '_FILES',
+ '_REQUEST',
+ '_SESSION',
+ '_ENV',
+ '_COOKIE',
+ 'GLOBALS',
+ 'HTTP_RAW_POST_DATA',
+ 'system_folder',
+ 'application_folder',
+ 'view_folder',
+ '_protected',
+ '_registered'
+ );
+
+ $_registered = ini_get('variables_order');
+ foreach (array('E' => '_ENV', 'G' => '_GET', 'P' => '_POST', 'C' => '_COOKIE', 'S' => '_SERVER') as $key => $superglobal)
+ {
+ if (strpos($_registered, $key) === FALSE)
+ {
+ continue;
+ }
+
+ foreach (array_keys($$superglobal) as $var)
+ {
+ if (isset($GLOBALS[$var]) && ! in_array($var, $_protected, TRUE))
+ {
+ $GLOBALS[$var] = NULL;
+ }
+ }
+ }
+ }
+}
+
+
/*
* ------------------------------------------------------
* Define a custom error handler so we can log PHP errors
@@ -73,9 +124,6 @@
set_error_handler('_exception_handler');
register_shutdown_function('_shutdown_handler');
- // Kill magic quotes
- is_php('5.4') OR ini_set('magic_quotes_runtime', 0);
-
/*
* ------------------------------------------------------
* Set the subclass_prefix
diff --git a/system/core/Input.php b/system/core/Input.php
index 6986bd4..b3bed72 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -558,8 +558,7 @@
*
* Internal method serving for the following purposes:
*
- * - Unsets $_GET data (if query strings are not enabled)
- * - Unsets all globals if register_globals is enabled
+ * - Unsets $_GET data, if query strings are not enabled
* - Cleans POST, COOKIE and SERVER data
* - Standardizes newline characters to PHP_EOL
*
@@ -567,54 +566,6 @@
*/
protected function _sanitize_globals()
{
- // It would be "wrong" to unset any of these GLOBALS.
- $protected = array(
- '_SERVER',
- '_GET',
- '_POST',
- '_FILES',
- '_REQUEST',
- '_SESSION',
- '_ENV',
- 'GLOBALS',
- 'HTTP_RAW_POST_DATA',
- 'system_folder',
- 'application_folder',
- 'BM',
- 'EXT',
- 'CFG',
- 'URI',
- 'RTR',
- 'OUT',
- 'IN'
- );
-
- // Unset globals for security.
- // This is effectively the same as register_globals = off
- // PHP 5.4 no longer has the register_globals functionality.
- if ( ! is_php('5.4'))
- {
- foreach (array($_GET, $_POST, $_COOKIE) as $global)
- {
- if (is_array($global))
- {
- foreach ($global as $key => $val)
- {
- if ( ! in_array($key, $protected))
- {
- global $$key;
- $$key = NULL;
- }
- }
- }
- elseif ( ! in_array($global, $protected))
- {
- global $$global;
- $$global = NULL;
- }
- }
- }
-
// Is $_GET data allowed? If not we'll set the $_GET to an empty array
if ($this->_allow_get_array === FALSE)
{