A quick-fix for the reported exploit with themes.

[squirrelmail.git] / src / validate.php

diff --git a/src/validate.php b/src/validate.php
index 60af3509c4a0a8951319eb823b13107b8d6f7943..3d6d20e654ddb907e9511ab15e2de828b42d63ae 100644 (file)
--- a/src/validate.php
+++ b/src/validate.php
@@ -61,6 +61,15 @@ if (isset($send)
 * Include them down here instead of at the top so that all config
 * variables overwrite any passed in variables (for security).
 */
+
+/**
+ * Reset the $theme() array in case a value was passed via a cookie.
+ * This is until theming is rewritten.
+ */
+global $theme;
+unset($theme);
+$theme=array();
+
 require_once('../config/config.php');
 require_once('../src/load_prefs.php');
 require_once('../functions/page_header.php');