<?php
// mod by Golem http://veplog.ru
// Compatibility shim: when the interpreter reports a version below 4.1 (the
// test on $v_Upper / $v_Major), copy the long $HTTP_*_VARS arrays into the
// $_* names that the rest of this file reads. On any newer interpreter the
// branch is skipped and the built-in superglobals are used as they are.
$phpversion = phpversion();
list($v_Upper, $v_Major, $v_Minor) = explode(".", $phpversion);

if ($v_Upper < 4 || ($v_Upper == 4 && $v_Major < 1)) {
    // Request data.
    $_GET     = $HTTP_GET_VARS;
    $_POST    = $HTTP_POST_VARS;
    $_COOKIE  = $HTTP_COOKIE_VARS;
    $_FILES   = $HTTP_POST_FILES;
    // Server-side state.
    $_SERVER  = $HTTP_SERVER_VARS;
    $_ENV     = $HTTP_ENV_VARS;
    $_SESSION = $HTTP_SESSION_VARS;
}
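// Emulate register_globals when the ini setting is off: copy every GET, POST
// and session entry into the global scope. The order GET -> POST -> SESSION is
// kept, so a session value wins over a request parameter of the same name.
//
// NOTE(security): this import lets a request parameter create or replace a
// global variable. Names that belong to PHP itself ($GLOBALS and the $_*
// superglobals) are skipped so request data cannot replace $_SERVER,
// $_SESSION and friends, but any other global that already exists when this
// file runs can still be overwritten. Code that includes this file should
// assign its own variables after the include and read request data from
// $_GET / $_POST directly.
//
// foreach replaces the each() loops: each() was deprecated in PHP 7.2 and
// removed in PHP 8.0. The pattern is written inline, without helper
// variables, so an imported parameter cannot alter the check while it runs.
if (!ini_get('register_globals')) {
    foreach ($_GET as $key => $value) {
        if (!preg_match('/^(?:GLOBALS|_(?:GET|POST|COOKIE|FILES|SERVER|ENV|REQUEST|SESSION))\z/', (string)$key)) {
            $GLOBALS[$key] = $value;
        }
    }
    foreach ($_POST as $key => $value) {
        if (!preg_match('/^(?:GLOBALS|_(?:GET|POST|COOKIE|FILES|SERVER|ENV|REQUEST|SESSION))\z/', (string)$key)) {
            $GLOBALS[$key] = $value;
        }
    }
    // $_SESSION only exists once a session has been started; skip it otherwise.
    if (isset($_SESSION) && is_array($_SESSION)) {
        foreach ($_SESSION as $key => $value) {
            if (!preg_match('/^(?:GLOBALS|_(?:GET|POST|COOKIE|FILES|SERVER|ENV|REQUEST|SESSION))\z/', (string)$key)) {
                $GLOBALS[$key] = $value;
            }
        }
    }
    // The each()-based loops left both loop variables set to null on exit;
    // keep that so no request value lingers in $key / $value.
    $key = null;
    $value = null;
}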
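// Locate the application root by walking up the directory tree until
// input.php is found, and publish the relative prefix as BASEDIR.
// $folder_level is assigned here, after the register_globals emulation above,
// so a request parameter of the same name cannot seed the search.
// The paths are relative, so the result depends on the working directory of
// the script that handles the request.
$folder_level = "";
while (!file_exists($folder_level."input.php")) {
    // Stop after 32 levels ("../" is 3 characters) instead of looping until
    // the time or memory limit is hit when input.php does not exist anywhere.
    if (strlen($folder_level) >= 96) {
        exit('input.php not found in any parent directory');
    }
    $folder_level .= "../";
}
// Guard against a second include of this file redefining the constant.
if (!defined('BASEDIR')) {
    define('BASEDIR', $folder_level);
}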
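// Reject a request when any GET value contains markup-like or path-like
// content, and redirect it to the 403 page.
//
// The checks are the original eregi() patterns rewritten for preg_match():
// the ereg family was removed in PHP 7.0, and unlike preg_* it was not
// binary-safe. Three groups are tested:
//   1. the characters " ' < > and the sequences "./" and "//";
//   2. an opening parenthesis followed later by a closing one;
//   3. tags whose name starts with script/object/iframe/applet/meta/style/form
//      (kept for readability; every such tag needs "<", which group 1
//      already rejects).
// Array values are rejected here as well, because preg_match() needs a string.
// A preg_match() error (return value false) counts as a rejection, so the
// filter fails closed.
//
// NOTE(security): this is a deny-list applied to GET values only; parameter
// names, POST bodies and cookies do not pass through it. It does not replace
// context-specific escaping where the values are written to HTML, SQL or the
// file system.
foreach ($_GET as $check_url) {
    if (is_array($check_url)
        || preg_match('#["\'<>]|\./|//#', $check_url) !== 0
        || preg_match('#\([^>]*"?[^)]*\)#', $check_url) !== 0
        || preg_match('#<[^>]*(?:script*|object*|iframe*|applet*|meta*|style*|form*)"?[^>]*>#i', $check_url) !== 0) {
        header("Location: ".BASEDIR."index.php?isset=403&".SID);
        exit;
    }
}
unset($check_url);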
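// Reject a request when any GET or POST value is an array or contains the
// pipe character "|", and redirect it to the 403 page.
//
// strpos() replaces eregi("\|", ...): the ereg family was removed in PHP 7.0.
// The is_array() test now runs first so that a string function is never
// called with an array argument.
//
// NOTE(review): this is the only check in this file that covers POST values;
// the markup filter above is applied to GET only.
foreach ($_GET as $check_getstring) {
    if (is_array($check_getstring) || strpos($check_getstring, '|') !== false) {
        header("Location: ".BASEDIR."index.php?isset=403&".SID);
        exit;
    }
}
unset($check_getstring);

foreach ($_POST as $check_poststring) {
    if (is_array($check_poststring) || strpos($check_poststring, '|') !== false) {
        header("Location: ".BASEDIR."index.php?isset=403&".SID);
        exit;
    }
}
unset($check_poststring);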
// Paging offset from the query string, forced to an integer; 0 when absent.
// NOTE(review): a negative value survives the cast — confirm callers clamp it.
$start = isset($_GET['start']) ? (int)$_GET['start'] : 0;

// Blank utext, utexts and uzer_text wherever the request supplied them.
// The matching globals are reset as well, because the register_globals
// emulation earlier in this file may already have copied request values
// into them.
// NOTE(review): $_COOKIE and $_REQUEST are not cleared here — confirm that
// nothing reads these three names from them.
if (isset($_GET['utext'])) {
    $_GET['utext'] = "";
}
if (isset($_GET['utexts'])) {
    $_GET['utexts'] = "";
}
if (isset($_GET['uzer_text'])) {
    $_GET['uzer_text'] = "";
}

if (isset($_POST['utext'])) {
    $_POST['utext'] = "";
}
if (isset($_POST['utexts'])) {
    $_POST['utexts'] = "";
}
if (isset($_POST['uzer_text'])) {
    $_POST['uzer_text'] = "";
}

$utext = "";
$utexts = "";
$uzer_text = "";
?>