include/validate.php

   1 <?php
   2
   3 /**
   4 * validate.php
   5 *
   6 * Copyright (c) 1999-2003 The SquirrelMail Project Team
   7 * Licensed under the GNU GPL. For full terms see the file COPYING.
   8 *
   9 * $Id$
  10 */
  11
  12 /* include the mime class before the session start ! otherwise we can't store
  13  * messages with a session_register.
  14  *
  15  * From http://www.php.net/manual/en/language.oop.serialization.php:
  16  *   In case this isn't clear:
  17  *   In 4.2 and below:
  18  *      session.auto_start and session objects are mutually exclusive.
  19  *
  20  * We need to load the classes before the session is started,
  21  * except that the session could be started automatically
  22  * via session.auto_start. So, we'll close the session,
  23  * then load the classes, and reopen the session which should
  24  * make everything happy.
  25  *
  26  * ** Note this means that for the 1.3.2 release, we should probably
  27  * recommend that people set session.auto_start=0 to avoid this altogether.
  28  */
  29
  30 session_write_close();
  31
  32 /* SquirrelMail required files. */
  33 require_once(SM_PATH . 'class/mime.class.php');
  34 require_once(SM_PATH . 'functions/strings.php');
  35 require_once(SM_PATH . 'config/config.php');
  36
  37 /* set the name of the session cookie */
  38 if(isset($session_name) && $session_name) {
  39     ini_set('session.name' , $session_name);
  40 } else {
  41     ini_set('session.name' , 'SQMSESSID');
  42 }
  43
  44 session_start();
  45
  46 require_once(SM_PATH . 'functions/i18n.php');
  47 require_once(SM_PATH . 'functions/auth.php');
  48 require_once(SM_PATH . 'functions/global.php');
  49
  50 is_logged_in();
  51
  52 /**
  53 * Auto-detection
  54 *
  55 * if $send (the form button's name) contains "\n" as the first char
  56 * and the script is compose.php, then trim everything. Otherwise, we
  57 * don't have to worry.
  58 *
  59 * This is for a RedHat package bug and a Konqueror (pre 2.1.1?) bug
  60 */
  61 global $send, $PHP_SELF;
  62 if (isset($send)
  63     && (substr($send, 0, 1) == "\n")
  64     && (substr($PHP_SELF, -12) == '/compose.php')) {
  65     if ($REQUEST_METHOD == 'POST') {
  66         global $HTTP_POST_VARS;
  67         TrimArray($HTTP_POST_VARS);
  68     } else {
  69         global $HTTP_GET_VARS;
  70         TrimArray($HTTP_GET_VARS);
  71     }
  72 }
  73
  74 /**
  75 * Everyone needs stuff from config, and config needs stuff from
  76 * strings.php, so include them both here. Actually, strings is
  77 * included at the top now as the string array functions have
  78 * been moved into it.
  79 *
  80 * Include them down here instead of at the top so that all config
  81 * variables overwrite any passed in variables (for security).
  82 */
  83
  84 /**
  85  * Reset the $theme() array in case a value was passed via a cookie.
  86  * This is until theming is rewritten.
  87  */
  88 global $theme;
  89 unset($theme);
  90 $theme=array();
  91
  92 require_once(SM_PATH . 'include/load_prefs.php');
  93 require_once(SM_PATH . 'functions/page_header.php');
  94 require_once(SM_PATH . 'functions/prefs.php');
  95
  96 /* Set up the language (i18n.php was included by auth.php). */
  97 global $username, $data_dir;
  98 set_up_language(getPref($data_dir, $username, 'language'));
  99
 100 $timeZone = getPref($data_dir, $username, 'timezone');
 101
 102 /* Check to see if we are allowed to set the TZ environment variable.
 103  * We are able to do this if ...
 104  *   safe_mode is disabled OR
 105  *   safe_mode_allowed_env_vars is empty (you are allowed to set any) OR
 106  *   safe_mode_allowed_env_vars contains TZ
 107  */
 108 $tzChangeAllowed = (!ini_get('safe_mode')) ||
 109                     !strcmp(ini_get('safe_mode_allowed_env_vars'),'') ||
 110                     preg_match('/^([\w_]+,)*TZ/', ini_get('safe_mode_allowed_env_vars'));
 111
 112 if ( $timeZone != SMPREF_NONE && ($timeZone != "")
 113     && $tzChangeAllowed ) {
 114     putenv("TZ=".$timeZone);
 115 }
 116 ?>