forked from emcs/TradingEye-V7.1.1
-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.php
executable file
·68 lines (59 loc) · 1.51 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<?php
/*
=======================================================================================
Copyright: TradingEye
Version: 7.1.1
=======================================================================================
*/
//mysql injection fix starts
function escape($string){
$hasMagicQuotesEnabled = (bool)get_magic_quotes_gpc();
$canEscapeString = function_exists('mysql_real_escape_string');
if($hasMagicQuotesEnabled){
$string = stripslashes($string);
}
if($canEscapeString){
if($escaped = @mysql_real_escape_string($string)){
return $escaped;
}
}
$replacements = array(
'\\' => '\\\\',
"\0" => '\\0',
"'" => "\\'",
'"' => '\\"',
"\x1a" => '\\Z',
);
return strtr($string, $replacements);
}
foreach($_POST as $k=>$v){
if(is_array($_POST[$k])){
foreach($_POST[$k] as $k2=>$v2){
$_POST[$k][$k2] = escape($_POST[$k][$k2]);
//$_POST[$k][$k2] = htmlentities($_POST[$k][$k2]);
}
}
else
{
$_POST[$k] = escape($_POST[$k]);
$_POST[$k] = htmlentities($_POST[$k],ENT_QUOTES,"UTF-8");
}
}
foreach($_GET as $k=>$v){
if(is_array($_GET[$k])){
foreach($_GET[$k] as $k2=>$v2){
$_GET[$k][$k2] = escape($_GET[$k][$k2]);
$_GET[$k][$k2] = htmlentities($_GET[$k][$k2]);
}
}
else {
$_GET[$k] = escape($_GET[$k]);
$_GET[$k] = htmlentities($_GET[$k]);
}
}
//mysql injection fix ends
include_once("configuration.php");
require_once("libs/plugins.php");
$pluginInterface = new pluginInterface();
include_once($pluginInterface->plugincheck(MODULES_PATH."index.php"));
?>