functions/global.php

   1 <?php
   2
   3 /**
   4  * globals.php
   5  *
   6  * Copyright (c) 1999-2002 The SquirrelMail Project Team
   7  * Licensed under the GNU GPL. For full terms see the file COPYING.
   8  *
   9  * This includes code to update < 4.1.0 globals to the newer format
  10  * It also has some session register functions that work across various
  11  * php versions.
  12  *
  13  * $Id$
  14  */
  15
  16
  17 /* convert old-style superglobals to current method
  18  * this is executed if you are running PHP 4.0.x.
  19  * it is run via a require_once directive in validate.php
  20  * and redirect.php. Patch submitted by Ray Black.
  21  */
  22
  23 if ( !check_php_version(4,1) ) {
  24   global $_COOKIE, $_ENV, $_FILES, $_GET, $_POST, $_SERVER, $_SESSION;
  25   global $HTTP_COOKIE_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES, $HTTP_GET_VARS,
  26          $HTTP_POST_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS;
  27   $_COOKIE  =& $HTTP_COOKIE_VARS;
  28   $_ENV     =& $HTTP_ENV_VARS;
  29   $_FILES   =& $HTTP_POST_FILES;
  30   $_GET     =& $HTTP_GET_VARS;
  31   $_POST    =& $HTTP_POST_VARS;
  32   $_SERVER  =& $HTTP_SERVER_VARS;
  33   $_SESSION =& $HTTP_SESSION_VARS;
  34 }
  35
  36 /* if running with magic_quotes_gpc then strip the slashes
  37    from POST and GET global arrays */
  38
  39 if (get_magic_quotes_gpc()) {
  40     sqstripslashes($_GET);
  41     sqstripslashes($_POST);
  42 }
  43
  44 /* strip any tags added to the url from PHP_SELF.
  45    This fixes hand crafted url XXS expoits for any
  46    page that uses PHP_SELF as the FORM action */
  47
  48 strip_tags($_SERVER['PHP_SELF']);
  49
  50 /* returns true if current php version is at mimimum a.b.c */
  51 function check_php_version ($a = '0', $b = '0', $c = '0')
  52 {
  53     global $SQ_PHP_VERSION;
  54
  55     if(!isset($SQ_PHP_VERSION))
  56         $SQ_PHP_VERSION = str_pad( preg_replace('/\D/','', PHP_VERSION), 3, '0');
  57
  58     return $SQ_PHP_VERSION >= ($a.$b.$c);
  59 }
  60
  61 function sqstripslashes(&$array) {
  62     foreach ($array as $index=>$value) {
  63         if (is_array($array[$index])) {
  64             sqstripslashes($array[$index]);
  65         }
  66         else {
  67             $array[$index] = stripslashes($value);
  68         }
  69     }
  70 }
  71
  72 function sqsession_register ($var, $name) {
  73     if ( !check_php_version(4,1) ) {
  74         global $HTTP_SESSION_VARS;
  75         $HTTP_SESSION_VARS[$name] = $var;
  76     }
  77     else {
  78         $_SESSION["$name"] = $var;
  79     }
  80 }
  81 function sqsession_unregister ($name) {
  82     if ( !check_php_version(4,1) ) {
  83         global $HTTP_SESSION_VARS;
  84         unset($HTTP_SESSION_VARS[$name]);
  85     }
  86     else {
  87         unset($_SESSION[$name]);
  88     }
  89 }
  90 function sqsession_is_registered ($name) {
  91     $test_name = &$name;
  92     $result = false;
  93     if ( !check_php_version(4,1) ) {
  94         global $HTTP_SESSION_VARS;
  95         if (isset($HTTP_SESSION_VARS[$test_name])) {
  96             $result = true;
  97         }
  98     }
  99     else {
 100         if (isset($_SESSION[$test_name])) {
 101             $result = true;
 102         }
 103     }
 104     return $result;
 105 }
 106
 107
 108 /**
 109  *  Search for the var $name in $_SESSION, $_POST, $_GET
 110  *  (in that order) and register it as a global var.
 111  */
 112 function sqextractGlobalVar ($name) {
 113     if ( !check_php_version(4,1) ) {
 114         global $_SESSION, $_GET, $_POST;
 115     }
 116     global  $$name;
 117     if( isset($_SESSION[$name]) ) {
 118         $$name = $_SESSION[$name];
 119     }
 120     if( isset($_POST[$name]) ) {
 121         $$name = $_POST[$name];
 122     }
 123     else if ( isset($_GET[$name]) ) {
 124         $$name =  $_GET[$name];
 125     }
 126 }
 127
 128 function sqsession_destroy() {
 129     global $base_uri;
 130
 131     /* start session to be able to destroy it later */
 132     session_start();
 133
 134     if ( !check_php_version(4,1) ) {
 135         global $HTTP_SESSION_VARS;
 136         $HTTP_SESSION_VARS = array();
 137     }
 138     else {
 139         $_SESSION = array();
 140     }
 141
 142     /*
 143      * now reset cookies to 5 seconds ago to delete from browser
 144      */
 145
 146     @session_destroy();
 147     $cookie_params = session_get_cookie_params();
 148     setcookie(session_name(), '', time() - 5, $cookie_params['path'],
 149         $cookie_params['domain']);
 150     setcookie('username', '', time() - 5, $base_uri);
 151     setcookie('key', '', time() - 5 , $base_uri);
 152 }
 153
 154 ?>