X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=plugins%2Fsquirrelspell%2Fsqspell_interface.php;h=32da3780cb5dfa1ab5dfc7f998d2921ed7dea03e;hb=cb104e1dc329188c066b6d6b843fdbd22f9e16de;hp=9b17376621c0bca8c2038ec9ac6991bb63c0b35b;hpb=15e6162eacc97158393bc75aed3afeb7b19c24a6;p=squirrelmail.git

diff --git a/plugins/squirrelspell/sqspell_interface.php b/plugins/squirrelspell/sqspell_interface.php
index 9b173766..32da3780 100644
--- a/plugins/squirrelspell/sqspell_interface.php
+++ b/plugins/squirrelspell/sqspell_interface.php
@@ -1,48 +1,60 @@
 <?php
 
-   /**
-    **  sqspell_interface.php -- Main wrapper for the pop-up.
-    **
-    **  Copyright (c) 1999-2002 The SquirrelMail development team
-    **  Licensed under the GNU GPL. For full terms see the file COPYING.
-    **
-    **   This is a main wrapper for the pop-up window interface of
-    **   SquirrelSpell.    
-    **
-    **  $Id$
-    **/
+/**
+ * sqspell_interface.php
+ *
+ * Main wrapper for the pop-up.
+ *
+ * Copyright (c) 1999-2003 The SquirrelMail development team
+ * Licensed under the GNU GPL. For full terms see the file COPYING.
+ *
+ * This is a main wrapper for the pop-up window interface of
+ * SquirrelSpell.    
+ *
+ * $Id$
+ *
+ * @author Konstantin Riabitsev <icon@duke.edu> ($Author$)
+ * @version $Date$
+ */
 
-    /*    	
-    ** Set up a couple of non-negotiable constants. Don't change these,
-    ** the setuppable stuff is in sqspell_config.php
-    */
-    $SQSPELL_DIR='squirrelspell';
-    $SQSPELL_CRYPTO=FALSE;
+/**    	
+ * Set up a couple of non-negotiable constants and
+ * defaults. Don't change these, * the setuppable stuff is in
+ * sqspell_config.php
+ */
+$SQSPELL_DIR='plugins/squirrelspell/';
+$SQSPELL_CRYPTO=FALSE;
     
-    /* Load the necessary stuff. */
-    chdir('..');
-    require_once('../src/validate.php');
-    require_once('../src/load_prefs.php');
-    require_once("$SQSPELL_DIR/sqspell_config.php");
-    require_once("$SQSPELL_DIR/sqspell_functions.php");
-    
-    /*
-    ** Now load the necessary module from the modules dir.
-    **
-    */
-    if (!$MOD) 
-        $MOD='init';
+/**
+ * Load the stuff needed from squirrelmail
+ */
+
+define('SM_PATH','../../');
+
+/* SquirrelMail required files. */
+require_once(SM_PATH . 'include/validate.php');
+require_once(SM_PATH . 'include/load_prefs.php');
+require_once(SM_PATH . $SQSPELL_DIR . 'sqspell_config.php');
+require_once(SM_PATH . $SQSPELL_DIR . 'sqspell_functions.php');
     
-    /*
-    ** see if someone is attempting to be nasty by trying to get out of the
-    ** modules directory, although it probably wouldn't do them any good,
-    ** since every module has to end with .mod.php. Still, they deserve
-    ** to be warned. ;)
-    */
-    if (strstr($MOD, '.') || strstr($MOD, '/') || strstr($MOD, '%')){ 
-    	echo _("SECURITY BREACH ON DECK 5! CMDR TUVOK AND SECURITY TEAM REQUESTED.");
-        exit;
-    }
-    /* fetch the module now. */
-    require_once("$SQSPELL_DIR/modules/$MOD.mod.php");
+/**
+ * $MOD is the name of the module to invoke.
+ * If $MOD is undefined, use "init", else check for security
+ * breaches.
+ */
+if(isset($_POST['MOD'])) {
+    $MOD = $_POST['MOD'];
+} elseif (isset($_GET['MOD'])) {
+    $MOD = $_GET['MOD'];
+} 
+
+if (!isset($MOD) || !$MOD){
+    $MOD='init';
+} else {
+    sqspell_ckMOD($MOD);
+}
+
+/* Include the module. */
+require_once(SM_PATH . $SQSPELL_DIR . "modules/$MOD.mod");
+
 ?>