f740c049 |
1 | <?php |
f7b1b3b1 |
2 | /** |
3 | * validate.php |
4 | * |
5 | * Copyright (c) 1999-2000 The SquirrelMail Development Team |
6 | * Licensed under the GNU GPL. For full terms see the file COPYING. |
7 | * |
8 | * $Id$ |
9 | */ |
f740c049 |
10 | |
f7b1b3b1 |
11 | if (defined ('validate_php')) { return; } |
12 | define ('validate_php', true); |
f740c049 |
13 | |
f7b1b3b1 |
14 | session_start(); |
15 | require_once('../functions/i18n.php'); |
16 | require_once('../functions/auth.php'); |
f740c049 |
17 | |
f7b1b3b1 |
18 | is_logged_in(); |
f740c049 |
19 | |
f7b1b3b1 |
20 | /* Remove all slashes for form values. */ |
21 | if (get_magic_quotes_gpc()) { |
22 | global $REQUEST_METHOD; |
f740c049 |
23 | |
f7b1b3b1 |
24 | if ($REQUEST_METHOD == "POST") { |
25 | global $HTTP_POST_VARS; |
26 | RemoveSlashes($HTTP_POST_VARS); |
27 | } else if ($REQUEST_METHOD == "GET") { |
28 | global $HTTP_GET_VARS; |
29 | RemoveSlashes($HTTP_GET_VARS); |
30 | } |
31 | } |
f740c049 |
32 | |
f7b1b3b1 |
33 | /** |
34 | * Auto-detection |
35 | * |
36 | * if $send (the form button's name) contains "\n" as the first char |
37 | * and the script is compose.php, then trim everything. Otherwise, we |
38 | * don't have to worry. |
39 | * |
40 | * This is for a RedHat package bug and a Konqueror (pre 2.1.1?) bug |
41 | */ |
42 | global $send, $PHP_SELF; |
43 | if (isset($send) |
44 | && (substr($send, 0, 1) == "\n") |
45 | && (substr($PHP_SELF, -12) == '/compose.php')) { |
46 | if ($REQUEST_METHOD == "POST") { |
47 | global $HTTP_POST_VARS; |
48 | TrimArray($HTTP_POST_VARS); |
49 | } else { |
50 | global $HTTP_GET_VARS; |
51 | TrimArray($HTTP_GET_VARS); |
52 | } |
53 | } |
54 | |
55 | /************************************/ |
56 | /* Trims every element in the array */ |
57 | /************************************/ |
58 | function TrimArray(&$array) { |
59 | foreach ($array as $k => $v) { |
60 | global $$k; |
61 | if (is_array($$k)) { |
62 | foreach ($$k as $k2 => $v2) { |
63 | $$k[$k2] = substr($v2, 1); |
64 | } |
65 | } else { |
66 | $$k = substr($v, 1); |
f740c049 |
67 | } |
f7b1b3b1 |
68 | |
69 | /* Re-assign back to array. */ |
70 | $array[$k] = $$k; |
71 | } |
72 | } |
f740c049 |
73 | |
74 | |
f7b1b3b1 |
75 | /***************************************************/ |
76 | /* Removes slashes from every element in the array */ |
77 | /***************************************************/ |
78 | function RemoveSlashes(&$array) { |
79 | foreach ($array as $k => $v) { |
80 | global $$k; |
81 | if (is_array($$k)) { |
82 | foreach ($$k as $k2 => $v2) { |
83 | $newArray[stripslashes($k2)] = stripslashes($v2); |
84 | } |
85 | $$k = $newArray; |
86 | } else { |
87 | $$k = stripslashes($v); |
88 | } |
89 | |
90 | /* Re-assign back to the array. */ |
91 | $array[$k] = $$k; |
92 | } |
93 | } |
f740c049 |
94 | |
f7b1b3b1 |
95 | /** |
96 | * Everyone needs stuff from config, and config needs stuff from |
97 | * strings.php, so include them both here. |
98 | * |
99 | * Include them down here instead of at the top so that all config |
100 | * variables overwrite any passed in variables (for security). |
101 | */ |
102 | require_once('../functions/strings.php'); |
103 | require_once('../config/config.php'); |
104 | require_once('../src/load_prefs.php'); |
105 | require_once('../functions/page_header.php'); |
106 | require_once('../functions/prefs.php'); |
d4e84069 |
107 | |
f7b1b3b1 |
108 | /* Set up the language (i18n.php was included by auth.php). */ |
109 | global $username, $data_dir; |
110 | set_up_language(getPref($data_dir, $username, 'language')); |
59e95aca |
111 | ?> |