user%20name=volo%20name&test=1
So, I came up with the following routine. If you think I might have a problem with it, please let me know because I don't want to get some injection here from a $_GET and don't want to do this inefficiently.
Code: Select all
if ($_SERVER['REDIRECT_QUERY_STRING']) {
$_GET = array();
$_SERVER['QUERY_STRING'] = $_SERVER['REDIRECT_QUERY_STRING'];
parse_str(preg_replace('/&(\w+)(&|$)/', '&$1=$2', strtr($_SERVER['QUERY_STRING'], ';', '&')), $_GET);
}
if (get_magic_quotes_gpc()) {
function stripslashes_deep($sVal) {
return is_array($sVal) ? array_map('stripslashes_deep', $sVal) : stripslashes($sVal);
}
if (($_SERVER['REDIRECT_REQUEST_METHOD'] == 'POST') or ($_SERVER['REQUEST_METHOD'] == 'POST')) {
$_POST = array_map('stripslashes_deep', $_POST);
}
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
if (($_SERVER['REDIRECT_REQUEST_METHOD'] == 'GET') or ($_SERVER['REQUEST_METHOD'] == 'GET')) {
$_GET = array_map('stripslashes_deep', $_GET);
}
}