include/validate.php

   1 <?php
   2
   3 /**
   4 * validate.php
   5 *
   6 * Copyright (c) 1999-2002 The SquirrelMail Project Team
   7 * Licensed under the GNU GPL. For full terms see the file COPYING.
   8 *
   9 * $Id$
  10 */
  11
  12 /* include the mime class before the session start ! otherwise we can't store
  13  * messages with a session_register.
  14  *
  15  * From http://www.php.net/manual/en/language.oop.serialization.php:
  16  *   In case this isn't clear:
  17  *   In 4.2 and below:
  18  *      session.auto_start and session objects are mutually exclusive.
  19  *
  20  * We need to load the classes before the session is started,
  21  * except that the session could be started automatically
  22  * via session.auto_start. So, we'll close the session,
  23  * then load the classes, and reopen the session which should
  24  * make everything happy.
  25  *
  26  * ** Note this means that for the 1.3.2 release, we should probably
  27  * recommend that people set session.auto_start=0 to avoid this altogether.
  28  */
  29 session_write_close();
  30
  31 /* SquirrelMail required files. */
  32 require_once(SM_PATH . 'class/mime.class.php');
  33
  34 session_start();
  35
  36 require_once(SM_PATH . 'functions/i18n.php');
  37 require_once(SM_PATH . 'functions/auth.php');
  38 require_once(SM_PATH . 'functions/strings.php');
  39 require_once(SM_PATH . 'functions/global.php');
  40
  41 is_logged_in();
  42
  43 /* Remove all slashes for form values. */
  44 if (get_magic_quotes_gpc()) {
  45     global $REQUEST_METHOD;
  46
  47     if ($REQUEST_METHOD == 'POST') {
  48         global $HTTP_POST_VARS;
  49         RemoveSlashes($HTTP_POST_VARS);
  50     } else if ($REQUEST_METHOD == 'GET') {
  51         global $HTTP_GET_VARS;
  52         RemoveSlashes($HTTP_GET_VARS);
  53     }
  54 }
  55
  56 /**
  57 * Auto-detection
  58 *
  59 * if $send (the form button's name) contains "\n" as the first char
  60 * and the script is compose.php, then trim everything. Otherwise, we
  61 * don't have to worry.
  62 *
  63 * This is for a RedHat package bug and a Konqueror (pre 2.1.1?) bug
  64 */
  65 global $send, $PHP_SELF;
  66 if (isset($send)
  67     && (substr($send, 0, 1) == "\n")
  68     && (substr($PHP_SELF, -12) == '/compose.php')) {
  69     if ($REQUEST_METHOD == 'POST') {
  70         global $HTTP_POST_VARS;
  71         TrimArray($HTTP_POST_VARS);
  72     } else {
  73         global $HTTP_GET_VARS;
  74         TrimArray($HTTP_GET_VARS);
  75     }
  76 }
  77
  78 /**
  79 * Everyone needs stuff from config, and config needs stuff from
  80 * strings.php, so include them both here. Actually, strings is
  81 * included at the top now as the string array functions have
  82 * been moved into it.
  83 *
  84 * Include them down here instead of at the top so that all config
  85 * variables overwrite any passed in variables (for security).
  86 */
  87
  88 /**
  89  * Reset the $theme() array in case a value was passed via a cookie.
  90  * This is until theming is rewritten.
  91  */
  92 global $theme;
  93 unset($theme);
  94 $theme=array();
  95
  96 require_once(SM_PATH . 'config/config.php');
  97 require_once(SM_PATH . 'include/load_prefs.php');
  98 require_once(SM_PATH . 'functions/page_header.php');
  99 require_once(SM_PATH . 'functions/prefs.php');
 100
 101 /* Set up the language (i18n.php was included by auth.php). */
 102 global $username, $data_dir;
 103 set_up_language(getPref($data_dir, $username, 'language'));
 104
 105 $timeZone = getPref($data_dir, $username, 'timezone');
 106 if ( $timeZone != SMPREF_NONE && ($timeZone != "")
 107     && !ini_get("safe_mode")) {
 108     putenv("TZ=".$timeZone);
 109 }
 110 ?>