<?php
- /**
- ** validate.php
- **
- ** Copyright (c) 1999-2000 The SquirrelMail development team
- ** Licensed under the GNU GPL. For full terms see the file COPYING.
- **
- ** $Id$
- **/
- if (defined ('validate_php')) {
- return;
- } else {
- define ('validate_php', true);
- }
+/**
+* validate.php
+*
+* Copyright (c) 1999-2002 The SquirrelMail Project Team
+* Licensed under the GNU GPL. For full terms see the file COPYING.
+*
+* $Id$
+*/
- session_start();
- include ('../functions/auth.php');
-
- is_logged_in();
+global $username, $attachment_dir;
+require_once('../functions/prefs.php');
- // Remove all slashes for form values
- if (get_magic_quotes_gpc())
- {
- global $REQUEST_METHOD;
- if ($REQUEST_METHOD == "POST")
- {
- global $HTTP_POST_VARS;
- RemoveSlashes($HTTP_POST_VARS);
- }
- elseif ($REQUEST_METHOD == "GET")
- {
- global $HTTP_GET_VARS;
- RemoveSlashes($HTTP_GET_VARS);
- }
- }
+session_save_path( getHashedDir($username, $attachment_dir) );
+session_start();
- // Auto-detection
- //
- // if $send (the form button's name) contains "\n" as the first char
- // and the script is compose.php, then trim everything. Otherwise,
- // we don't have to worry.
- //
- // This is for a RedHat package bug and a Konqueror (pre 2.1.1?) bug
- global $send, $PHP_SELF;
- if (isset($send) && substr($send, 0, 1) == "\n" &&
- substr($PHP_SELF, -12) == '/compose.php')
- {
- if ($REQUEST_METHOD == "POST") {
- global $HTTP_POST_VARS;
- TrimArray($HTTP_POST_VARS);
- } else {
- global $HTTP_GET_VARS;
- TrimArray($HTTP_GET_VARS);
- }
- }
+require_once('../functions/i18n.php');
+require_once('../functions/auth.php');
+require_once('../functions/strings.php');
- //**************************************************************************
- // Trims every element in the array
- //**************************************************************************
- function TrimArray(&$array) {
- foreach ($array as $k => $v) {
- global $$k;
- if (is_array($$k)) {
- foreach ($$k as $k2 => $v2) {
- $$k[$k2] = substr($v2, 1);
- }
- } else {
- $$k = substr($v, 1);
- }
- // Re-assign back to array
- $array[$k] = $$k;
- }
- }
-
-
- //**************************************************************************
- // Removes slashes from every element in the array
- //**************************************************************************
- function RemoveSlashes(&$array)
- {
- foreach ($array as $k => $v)
- {
- global $$k;
- if (is_array($$k))
- {
- foreach ($$k as $k2 => $v2)
- {
- $newArray[stripslashes($k2)] = stripslashes($v2);
- }
- $$k = $newArray;
- }
- else
- {
- $$k = stripslashes($v);
- }
- // Re-assign back to the array
- $array[$k] = $$k;
- }
- }
+is_logged_in();
- // Everyone needs stuff from config, and config needs stuff from
- // strings.php, so include them both here.
- // Include them down here instead of at the top so that all config
- // variables overwrite any passed in variables (for security)
- include ('../functions/strings.php');
- include ('../config/config.php');
-
+/* Remove all slashes for form values. */
+if (get_magic_quotes_gpc()) {
+ global $REQUEST_METHOD;
+
+ if ($REQUEST_METHOD == "POST") {
+ global $HTTP_POST_VARS;
+ RemoveSlashes($HTTP_POST_VARS);
+ } else if ($REQUEST_METHOD == "GET") {
+ global $HTTP_GET_VARS;
+ RemoveSlashes($HTTP_GET_VARS);
+ }
+}
+
+/**
+* Auto-detection
+*
+* if $send (the form button's name) contains "\n" as the first char
+* and the script is compose.php, then trim everything. Otherwise, we
+* don't have to worry.
+*
+* This is for a RedHat package bug and a Konqueror (pre 2.1.1?) bug
+*/
+global $send, $PHP_SELF;
+if (isset($send)
+ && (substr($send, 0, 1) == "\n")
+ && (substr($PHP_SELF, -12) == '/compose.php')) {
+ if ($REQUEST_METHOD == "POST") {
+ global $HTTP_POST_VARS;
+ TrimArray($HTTP_POST_VARS);
+ } else {
+ global $HTTP_GET_VARS;
+ TrimArray($HTTP_GET_VARS);
+ }
+}
+
+/**
+* Everyone needs stuff from config, and config needs stuff from
+* strings.php, so include them both here. Actually, strings is
+* included at the top now as the string array functions have
+* been moved into it.
+*
+* Include them down here instead of at the top so that all config
+* variables overwrite any passed in variables (for security).
+*/
+require_once('../config/config.php');
+require_once('../src/load_prefs.php');
+require_once('../functions/page_header.php');
+require_once('../functions/prefs.php');
+
+/* Set up the language (i18n.php was included by auth.php). */
+global $username, $data_dir;
+set_up_language(getPref($data_dir, $username, 'language'));
?>
projects / squirrelmail.git / blobdiff