X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Fvalidate.php;h=c74be9c4d9af1dfc8067bd492c319fba2886d58f;hb=f1177e370685e47d9e3fcff3b03a84d03ab66bdd;hp=7added477318dfd7f4b3b0e4c6460615c3bb7b42;hpb=6ee631f7b92f6a205e0841ac40e6b0e763a5a734;p=squirrelmail.git diff --git a/src/validate.php b/src/validate.php index 7added47..c74be9c4 100644 --- a/src/validate.php +++ b/src/validate.php @@ -1,108 +1,111 @@ $v) { - global $$k; - if (is_array($$k)) { - foreach ($$k as $k2 => $v2) { - $$k[$k2] = substr($v2, 1); + /** + * Auto-detection + * + * if $send (the form button's name) contains "\n" as the first char + * and the script is compose.php, then trim everything. Otherwise, we + * don't have to worry. + * + * This is for a RedHat package bug and a Konqueror (pre 2.1.1?) bug + */ + global $send, $PHP_SELF; + if (isset($send) + && (substr($send, 0, 1) == "\n") + && (substr($PHP_SELF, -12) == '/compose.php')) { + if ($REQUEST_METHOD == "POST") { + global $HTTP_POST_VARS; + TrimArray($HTTP_POST_VARS); + } else { + global $HTTP_GET_VARS; + TrimArray($HTTP_GET_VARS); + } + } + + /************************************/ + /* Trims every element in the array */ + /************************************/ + function TrimArray(&$array) { + foreach ($array as $k => $v) { + global $$k; + if (is_array($$k)) { + foreach ($$k as $k2 => $v2) { + $$k[$k2] = substr($v2, 1); + } + } else { + $$k = substr($v, 1); } - } else { - $$k = substr($v, 1); - } - // Re-assign back to array - $array[$k] = $$k; - } - } + + /* Re-assign back to array. */ + $array[$k] = $$k; + } + } - //************************************************************************** - // Removes slashes from every element in the array - //************************************************************************** - function RemoveSlashes(&$array) - { - foreach ($array as $k => $v) - { - global $$k; - if (is_array($$k)) - { - foreach ($$k as $k2 => $v2) - { - $newArray[stripslashes($k2)] = stripslashes($v2); - } - $$k = $newArray; - } - else - { - $$k = stripslashes($v); - } - // Re-assign back to the array - $array[$k] = $$k; - } - } + /***************************************************/ + /* Removes slashes from every element in the array */ + /***************************************************/ + function RemoveSlashes(&$array) { + foreach ($array as $k => $v) { + global $$k; + if (is_array($$k)) { + foreach ($$k as $k2 => $v2) { + $newArray[stripslashes($k2)] = stripslashes($v2); + } + $$k = $newArray; + } else { + $$k = stripslashes($v); + } + + /* Re-assign back to the array. */ + $array[$k] = $$k; + } + } + + /** + * Everyone needs stuff from config, and config needs stuff from + * strings.php, so include them both here. + * + * Include them down here instead of at the top so that all config + * variables overwrite any passed in variables (for security). + */ + require_once('../functions/strings.php'); + require_once('../config/config.php'); + require_once('../src/load_prefs.php'); + require_once('../functions/page_header.php'); + require_once('../functions/prefs.php'); + /* Set up the language (i18n.php was included by auth.php). */ + global $username, $data_dir; + set_up_language(getPref($data_dir, $username, 'language')); ?>