X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fglobal.php;h=92a3705ecb343388958431594b2d30a3b895fe34;hp=36ee51a58011f14d01512ac8177b22f0adfd712b;hb=d555f507bfabde702f68cf33fd6c58840088c14d;hpb=f151e745404bb45f6162d41b4e75d5b0fbddceba diff --git a/functions/global.php b/functions/global.php index 36ee51a5..92a3705e 100644 --- a/functions/global.php +++ b/functions/global.php @@ -7,7 +7,7 @@ * It also has some session register functions that work across various * php versions. * - * @copyright © 1999-2007 The SquirrelMail Project Team + * @copyright © 1999-2009 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -155,7 +155,9 @@ function sqsession_unregister ($name) { unset($_SESSION[$name]); - session_unregister("$name"); + // starts throwing warnings in PHP 5.3.0 and is + // removed in PHP 6 and is redundant anyway + //session_unregister("$name"); } /** @@ -340,6 +342,9 @@ function sqgetGlobalVar($name, &$value, $search = SQ_INORDER, $default = NULL, $ case SQ_TYPE_INT: $value = (int) $value; break; case SQ_TYPE_STRING: $value = (string) $value; break; case SQ_TYPE_BOOL: $value = (bool) $value; break; + case SQ_TYPE_BIGINT: + $value = (preg_match('/^[0-9]+$/', $value) ? $value : '0'); + break; default: break; } } else if (!$result && !is_null($default)) { @@ -437,9 +442,29 @@ function sqsession_destroy() { global $base_uri, $_COOKIE, $_SESSION; - if (isset($_COOKIE[session_name()]) && session_name()) sqsetcookie(session_name(), $_COOKIE[session_name()], 1, $base_uri); + if (isset($_COOKIE[session_name()]) && session_name()) { + sqsetcookie(session_name(), $_COOKIE[session_name()], 1, $base_uri); + + /* + * Make sure to kill /src and /src/ cookies, just in case there are + * some left-over or malicious ones set in user's browser. + * NB: Note that an attacker could try to plant a cookie for one + * of the /plugins/* directories. Such cookies can block + * access to certain plugin pages, but they do not influence + * or fixate the $base_uri cookie, so we don't worry about + * trying to delete all of them here. + */ + sqsetcookie(session_name(), $_COOKIE[session_name()], 1, $base_uri . 'src'); + sqsetcookie(session_name(), $_COOKIE[session_name()], 1, $base_uri . 'src/'); + } + if (isset($_COOKIE['key']) && $_COOKIE['key']) sqsetcookie('key','SQMTRASH',1,$base_uri); + /* Make sure new session id is generated on subsequent session_start() */ + unset($_COOKIE[session_name()]); + unset($_GET[session_name()]); + unset($_POST[session_name()]); + $sessid = session_id(); if (!empty( $sessid )) { $_SESSION = array(); @@ -555,6 +580,7 @@ function sqsetcookie($sName, $sValue='deleted', $iExpire=0, $sPath="", $sDomain= * session_regenerate_id replacement for PHP < 4.3.2 * * This code is borrowed from Gallery, session.php version 1.53.2.1 +FIXME: I saw this code on php.net (in the manual); that's where it comes from originally, but I don't think we need it - it's just redundant to all the hard work we already did seeding the random number generator IMO. I think we can just call to GenerateRandomString() and dump the rest. */ if (!function_exists('session_regenerate_id')) {