src/validate.php

   1 <?php
   2    /**
   3     **  validate.php
   4     **
   5     **  Copyright (c) 1999-2000 The SquirrelMail development team
   6     **  Licensed under the GNU GPL. For full terms see the file COPYING.
   7     **
   8     **  $Id$
   9     **/
  10
  11    if (defined ('validate_php'))
  12       return;
  13    define ('validate_php', true);
  14
  15    session_start();
  16    include ('../functions/auth.php');
  17
  18    is_logged_in();
  19
  20
  21    // Remove all slashes for form values
  22    if (get_magic_quotes_gpc())
  23    {
  24        global $REQUEST_METHOD;
  25        if ($REQUEST_METHOD == "POST")
  26        {
  27            global $HTTP_POST_VARS;
  28            RemoveSlashes($HTTP_POST_VARS);
  29        }
  30        elseif ($REQUEST_METHOD == "GET")
  31        {
  32            global $HTTP_GET_VARS;
  33            RemoveSlashes($HTTP_GET_VARS);
  34        }
  35    }
  36
  37    // Auto-detection
  38    //
  39    // if $send (the form button's name) contains "\n" as the first char
  40    // and the script is compose.php, then trim everything.  Otherwise,
  41    // we don't have to worry.
  42    //
  43    // This is for a RedHat package bug and a Konqueror (pre 2.1.1?) bug
  44    global $send, $PHP_SELF;
  45    if (isset($send) && substr($send, 0, 1) == "\n" &&
  46        substr($PHP_SELF, -12) == '/compose.php')
  47    {
  48       if ($REQUEST_METHOD == "POST") {
  49          global $HTTP_POST_VARS;
  50          TrimArray($HTTP_POST_VARS);
  51       } else {
  52          global $HTTP_GET_VARS;
  53          TrimArray($HTTP_GET_VARS);
  54       }
  55    }
  56
  57    //**************************************************************************
  58    // Trims every element in the array
  59    //**************************************************************************
  60    function TrimArray(&$array) {
  61       foreach ($array as $k => $v) {
  62          global $$k;
  63          if (is_array($$k)) {
  64             foreach ($$k as $k2 => $v2) {
  65                $$k[$k2] = substr($v2, 1);
  66             }
  67          } else {
  68             $$k = substr($v, 1);
  69          }
  70          // Re-assign back to array
  71          $array[$k] = $$k;
  72       }
  73    }
  74
  75
  76    //**************************************************************************
  77    // Removes slashes from every element in the array
  78    //**************************************************************************
  79    function RemoveSlashes(&$array)
  80    {
  81        foreach ($array as $k => $v)
  82        {
  83            global $$k;
  84            if (is_array($$k))
  85            {
  86                foreach ($$k as $k2 => $v2)
  87                {
  88                    $newArray[stripslashes($k2)] = stripslashes($v2);
  89                }
  90                $$k = $newArray;
  91            }
  92            else
  93            {
  94                $$k = stripslashes($v);
  95            }
  96            // Re-assign back to the array
  97            $array[$k] = $$k;
  98        }
  99    }
 100
 101    // Everyone needs stuff from config, and config needs stuff from
 102    // strings.php, so include them both here.
 103    // Include them down here instead of at the top so that all config
 104    // variables overwrite any passed in variables (for security)
 105    include ('../functions/strings.php');
 106    include ('../config/config.php');
 107    include ('../src/load_prefs.php');
 108    include ('../functions/page_header.php');
 109
 110    // Set up the language
 111    // i18n.php was included by auth.php
 112    global $username, $data_dir;
 113    set_up_language(getPref($data_dir, $username, 'language'));
 114 ?>