clean_key($k2) ] = $this->clean_value($v2); } } else { $return[$k] = $this->clean_value($v); } } } // Overwrite GET data with post data if( is_array($HTTP_POST_VARS) ) { while( list($k, $v) = each($HTTP_POST_VARS) ) { if ( is_array($HTTP_POST_VARS[$k]) ) { while( list($k2, $v2) = each($HTTP_POST_VARS[$k]) ) { $return[$k][ $this->clean_key($k2) ] = $this->clean_value($v2); } } else { $return[$k] = $this->clean_value($v); } } } //---------------------------------------- // Sort out the accessing IP // (Thanks to Cosmos and schickb) //---------------------------------------- $addrs = array(); foreach( array_reverse( explode( ',', $HTTP_X_FORWARDED_FOR ) ) as $x_f ) { $x_f = trim($x_f); if ( preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $x_f ) ) { $addrs[] = $x_f; } } $addrs[] = $_SERVER['REMOTE_ADDR']; $addrs[] = $HTTP_PROXY_USER; $addrs[] = $REMOTE_ADDR; //header("Content-type: text/plain"); print_r($addrs); print $_SERVER['HTTP_X_FORWARDED_FOR']; exit(); $return['IP_ADDRESS'] = $this->select_var( $addrs ); // Make sure we take a valid IP address $return['IP_ADDRESS'] = preg_replace( "/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})/", "\\1.\\2.\\3.\\4", $return['IP_ADDRESS'] ); $return['request_method'] = ( $_SERVER['REQUEST_METHOD'] != "" ) ? strtolower($_SERVER['REQUEST_METHOD']) : strtolower($REQUEST_METHOD); return $return; } /*-------------------------------------------------------------------------*/ // Key Cleaner - ensures no funny business with form elements /*-------------------------------------------------------------------------*/ function clean_key($key) { if ($key == "") { return ""; } $key = preg_replace( "/\.\./" , "" , $key ); $key = preg_replace( "/\_\_(.+?)\_\_/" , "" , $key ); $key = preg_replace( "/^([\w\.\-\_]+)$/", "$1", $key ); return $key; } function clean_value($val) { global $ibforums; if ($val == "") { return ""; } $val = str_replace( " ", " ", $val ); if ( $ibforums->vars['strip_space_chr'] ) { $val = str_replace( chr(0xCA), "", $val ); //Remove sneaky spaces } $val = str_replace( "&" , "&" , $val ); $val = str_replace( "" , "-->" , $val ); $val = preg_replace( "/