functions/global.php

   1 <?php
   2
   3 /**
   4  * globals.php
   5  *
   6  * Copyright (c) 1999-2002 The SquirrelMail Project Team
   7  * Licensed under the GNU GPL. For full terms see the file COPYING.
   8  *
   9  * This includes code to update < 4.1.0 globals to the newer format
  10  * It also has some session register functions that work across various
  11  * php versions.
  12  *
  13  * $Id$
  14  */
  15
  16
  17 /* convert old-style superglobals to current method
  18  * this is executed if you are running PHP 4.0.x.
  19  * it is run via a require_once directive in validate.php
  20  * and redirect.php. Patch submitted by Ray Black.
  21  */
  22
  23 if ( !check_php_version(4,1) ) {
  24   global $_COOKIE, $_ENV, $_FILES, $_GET, $_POST, $_SERVER, $_SESSION;
  25   global $HTTP_COOKIE_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES, $HTTP_GET_VARS,
  26          $HTTP_POST_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS;
  27   $_COOKIE  =& $HTTP_COOKIE_VARS;
  28   $_ENV     =& $HTTP_ENV_VARS;
  29   $_FILES   =& $HTTP_POST_FILES;
  30   $_GET     =& $HTTP_GET_VARS;
  31   $_POST    =& $HTTP_POST_VARS;
  32   $_SERVER  =& $HTTP_SERVER_VARS;
  33   $_SESSION =& $HTTP_SESSION_VARS;
  34 }
  35
  36 /* if running with magic_quotes_gpc then strip the slashes
  37    from POST and GET global arrays */
  38
  39 if (get_magic_quotes_gpc()) {
  40     sqstripslashes($_GET);
  41     sqstripslashes($_POST);
  42 }
  43
  44 /* strip any tags added to the url from PHP_SELF.
  45    This fixes hand crafted url XXS expoits for any
  46    page that uses PHP_SELF as the FORM action */
  47
  48 strip_tags($_SERVER['PHP_SELF']);
  49
  50 /* returns true if current php version is at mimimum a.b.c */
  51 function check_php_version ($a = '0', $b = '0', $c = '0')
  52 {
  53     global $SQ_PHP_VERSION;
  54
  55     if(!isset($SQ_PHP_VERSION))
  56         $SQ_PHP_VERSION = substr( str_pad( preg_replace('/\D/','', PHP_VERSION), 3, '0'), 0, 3);
  57
  58     return $SQ_PHP_VERSION >= ($a.$b.$c);
  59 }
  60
  61 /* recursively strip slashes from the values of an array */
  62 function sqstripslashes(&$array) {
  63     if(count($array) > 0) {
  64         foreach ($array as $index=>$value) {
  65             if (is_array($array[$index])) {
  66                 sqstripslashes($array[$index]);
  67             }
  68             else {
  69                 $array[$index] = stripslashes($value);
  70             }
  71         }
  72     }
  73 }
  74
  75 function sqsession_register ($var, $name) {
  76     if ( !check_php_version(4,1) ) {
  77         global $HTTP_SESSION_VARS;
  78         $HTTP_SESSION_VARS[$name] = $var;
  79     }
  80     else {
  81         $_SESSION["$name"] = $var;
  82     }
  83 }
  84
  85 function sqsession_unregister ($name) {
  86     if ( !check_php_version(4,1) ) {
  87         global $HTTP_SESSION_VARS;
  88         unset($HTTP_SESSION_VARS[$name]);
  89     }
  90     else {
  91         unset($_SESSION[$name]);
  92     }
  93 }
  94
  95 function sqsession_is_registered ($name) {
  96     $test_name = &$name;
  97     $result = false;
  98     if ( !check_php_version(4,1) ) {
  99         global $HTTP_SESSION_VARS;
 100         if (isset($HTTP_SESSION_VARS[$test_name])) {
 101             $result = true;
 102         }
 103     }
 104     else {
 105         if (isset($_SESSION[$test_name])) {
 106             $result = true;
 107         }
 108     }
 109     return $result;
 110 }
 111
 112
 113 /**
 114  *  Search for the var $name in $_SESSION, $_POST, $_GET
 115  *  (in that order) and register it as a global var.
 116  */
 117 function sqextractGlobalVar ($name) {
 118     if ( !check_php_version(4,1) ) {
 119         global $_SESSION, $_GET, $_POST;
 120     }
 121     global  $$name;
 122     if( isset($_SESSION[$name]) ) {
 123         $$name = $_SESSION[$name];
 124     }
 125     if( isset($_POST[$name]) ) {
 126         $$name = $_POST[$name];
 127     }
 128     else if ( isset($_GET[$name]) ) {
 129         $$name =  $_GET[$name];
 130     }
 131 }
 132
 133 function sqsession_destroy() {
 134     global $base_uri;
 135
 136     /* start session to be able to destroy it later */
 137     session_start();
 138
 139     if ( !check_php_version(4,1) ) {
 140         global $HTTP_SESSION_VARS;
 141         $HTTP_SESSION_VARS = array();
 142     }
 143     else {
 144         $_SESSION = array();
 145     }
 146
 147     /*
 148      * now reset cookies to 5 seconds ago to delete from browser
 149      */
 150
 151     @session_destroy();
 152     $cookie_params = session_get_cookie_params();
 153     setcookie(session_name(), '', time() - 5, $cookie_params['path'],
 154         $cookie_params['domain']);
 155     setcookie('username', '', time() - 5, $base_uri);
 156     setcookie('key', '', time() - 5 , $base_uri);
 157 }
 158
 159 ?>