<?php
/**
* @author Gaetano Giunta
- * @copyright (C) 2005-2020 G. Giunta
+ * @copyright (C) 2005-2021 G. Giunta
* @license code licensed under the BSD License: see file license.txt
*
* Parses GET/POST variables
* @todo move parameters away from global namespace
*/
+// handle class autoloading:
+if (file_exists(__DIR__.'/../vendor/autoload.php')) {
+ // if the debugger is installed as top-level project with Composer, allow finding classes from dependencies
+ include_once(__DIR__.'/../vendor/autoload.php');
+} else {
+ // assume this is either a standalone install, or installed as Composer dependency
+ /// @todo if the latter is true, should we just not skip using the custom Autoloader, and let a top-level
+ /// debugger include this one, taking care of autoloading ?
+ include_once __DIR__ . "/../src/Autoloader.php";
+ PhpXmlRpc\Autoloader::register();
+}
+
+// work around register globals - @see https://www.php.net/manual/en/faq.misc.php#faq.misc.registerglobals
+if (ini_get('register_globals')) {
+ function unregister_globals()
+ {
+ // Might want to change this perhaps to a nicer error
+ if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) {
+ die('GLOBALS overwrite attempt detected');
+ }
+
+ // Variables that shouldn't be unset
+ $noUnset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');
+
+ $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES,
+ isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array()
+ );
+
+ foreach ($input as $k => $v) {
+ if (!in_array($k, $noUnset) && isset($GLOBALS[$k])) {
+ unset($GLOBALS[$k]);
+ }
+ }
+ }
+ unregister_globals();
+}
+
// work around magic quotes
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
function stripslashes_deep($value)
/// @todo if $inputcharset is not UTF8, we should probably re-encode $_GET to make it UTF-8
// recover input parameters
+/// @todo instead of using globals, move them to an array. Also: use a class for this parsing...
$debug = false;
$protocol = 0;
$run = false;
-$wstype = 0;
+$wstype = defined('DEFAULT_WSTYPE') ? DEFAULT_WSTYPE : 0;
$id = '';
if (isset($_GET['action'])) {
if (isset($_GET['wstype']) && $_GET['wstype'] == '1') {