Nice Anti Register Globals Code
Found in Textpattern:
if (@ini_get('register_globals'))
foreach ( $_REQUEST as $name => $value )
unset($$name);
Comments
if (@ini_get('register_globals'))
foreach ( $_REQUEST as $name => $value )
unset($$name);
Comments
$ grep -r 'eval(' codeigniter/ | wc -l
20
Version 1.7.1. From the changelog: Fixed an arbitrary script execution security flaw
Well, who would have expected that?
$ cat test.php
<?php
$string = "O\'Reilly";
echo $string, "\n";
?>
$ php test.php
O\'Reilly
That's documented but not expected.
Languages like Perl, Python, Ruby, Common Lisp, C, Scheme, OCaml, Erlang, Haskell, Tcl, JavaScript, etc. print the expected "O'Reilly".
One small stone you can stumble on.