Fix HTTPS detection under Windows IIS (#2318118)

[squirrelmail.git] / include / init.php

diff --git a/include/init.php b/include/init.php
index 80962c357347843ac65bc96082fbcdef2afcea50..9f17708eb87466feed7f59a8d9bb792a6d78f988 100644 (file)
--- a/include/init.php
+++ b/include/init.php
@@ -19,7 +19,6 @@ FIXME: disabling this for now, because we now have $sm_debug_mode, but the probl
 //error_reporting(E_ALL);
 
 
-
 /**
  * Make sure we have a page name
  *
@@ -75,6 +74,14 @@ if ((bool) ini_get('register_globals') &&
 global $null;
 $null = NULL;
 
+/**
+ * The global $server_os variable will be "windows" if
+ * we are working in a Windows environment or "*nix"
+ * otherwise.
+ */
+global $server_os;
+if (DIRECTORY_SEPARATOR == '\\') $server_os = 'windows'; else $server_os = '*nix';
+
 /**
  * [#1518885] session.use_cookies = off breaks SquirrelMail
  *
@@ -113,9 +120,20 @@ if(!empty($_SERVER['UNIQUE_ID'])) {
 $seed .= uniqid(mt_rand(),TRUE);
 $seed .= implode( '', stat( __FILE__) );
 
-/** PHP 4.2 and up don't require seeding, but their used seed algorithm
- *  is of questionable quality, so we keep doing it ourselves. */
-mt_srand(hexdec(md5($seed)));
+// mt_srand() uses an integer to seed, so we need to distill our
+// very large seed to something useful (without taking a sub-string,
+// the integer conversion of such a large number is always 0 on
+// many systems, but strangely, 9 hex numbers - even if larger
+// than a signed 32 bit integer - seem to be an acceptable "integer"
+// seed (perhaps it is used as unsigned?)...
+// we may want to revisit this and always force it to be less than
+// 2,147,483,647
+//
+$seed = hexdec(substr(md5($seed), 0, 9));
+
+// PHP 4.2 and up don't require seeding, but their used seed algorithm
+// is of questionable quality, so we keep doing it ourselves. */
+mt_srand($seed);
 
 /**
  * calculate SM_PATH and calculate the base_uri
@@ -183,6 +201,7 @@ require(SM_PATH . 'include/constants.php');
 require(SM_PATH . 'functions/global.php');
 require(SM_PATH . 'functions/strings.php');
 require(SM_PATH . 'functions/arrays.php');
+require(SM_PATH . 'functions/files.php');
 
 /* load default configuration */
 require(SM_PATH . 'config/config_default.php');
@@ -216,6 +235,12 @@ if ($sm_debug_mode & SM_DEBUG_MODE_STRICT)
 error_reporting($error_level);
 
 
+/** 
+ * Detect SSL connections
+ */
+$is_secure_connection = is_ssl_secured_connection();
+ 
+
 require(SM_PATH . 'functions/plugin.php');
 require(SM_PATH . 'include/languages.php');
 require(SM_PATH . 'class/template/Template.class.php');
@@ -447,6 +472,19 @@ if (! sqgetGlobalVar('squirrelmail_language',$squirrelmail_language,SQ_COOKIE))
 }
 
 
+/**
+ * In some cases, buffering all output allows more complex functionality,
+ * especially for plugins that want to add headers on hooks that are beyond
+ * the point of output having been sent to the browser otherwise.
+ *
+ * Note that we don't turn this on any earlier since we want to allow plugins
+ * to turn it on themselves via a configuration override on the prefs_backend
+ * hook.
+ *
+ */
+if ($buffer_output) ob_start(!empty($buffered_output_handler) ? $buffered_output_handler : NULL);
+
+
 /**
  * Do something special for some pages. This is based on the PAGE_NAME constant
  * set at the top of every page.