X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fglobal.php;h=bd984edaca80f980716c85fc99d4f8e96c462350;hp=3b06a8e37190db92a0f53ba9006b813779fa14fc;hb=45ca696232838b8cf8d6069f5fa2740b61dcc340;hpb=8b096f0a2427cf0019f4dc4433a3e02b9f6f5951;ds=sidebyside diff --git a/functions/global.php b/functions/global.php index 3b06a8e3..bd984eda 100644 --- a/functions/global.php +++ b/functions/global.php @@ -3,101 +3,44 @@ /** * global.php * - * Copyright (c) 1999-2003 The SquirrelMail Project Team - * Licensed under the GNU GPL. For full terms see the file COPYING. - * - * This includes code to update < 4.1.0 globals to the newer format + * This includes code to update < 4.1.0 globals to the newer format * It also has some session register functions that work across various - * php versions. + * php versions. * - * $Id$ + * @copyright © 1999-2007 The SquirrelMail Project Team + * @license http://opensource.org/licenses/gpl-license.php GNU Public License + * @version $Id$ * @package squirrelmail */ -/** Bring in the config file. */ -require_once(SM_PATH . 'config/config.php'); - -/** set the name of the session cookie */ -if(isset($session_name) && $session_name) { - ini_set('session.name' , $session_name); -} else { - ini_set('session.name' , 'SQMSESSID'); -} - -/** If magic_quotes_runtime is on, SquirrelMail breaks in new and creative ways. - * Force magic_quotes_runtime off. - * tassium@squirrelmail.org - I put it here in the hopes that all SM code includes this. - * If there's a better place, please let me know. - */ -ini_set('magic_quotes_runtime','0'); - -/* Since we decided all IMAP servers must implement the UID command as defined in - * the IMAP RFC, we force $uid_support to be on. +/** */ +define('SQ_INORDER',0); +define('SQ_GET',1); +define('SQ_POST',2); +define('SQ_SESSION',3); +define('SQ_COOKIE',4); +define('SQ_SERVER',5); +define('SQ_FORM',6); -global $uid_support; -$uid_support = true; - -sqsession_is_active(); - -/* convert old-style superglobals to current method - * this is executed if you are running PHP 4.0.x. - * it is run via a require_once directive in validate.php - * and redirect.php. Patch submitted by Ray Black. - */ - -if ( !check_php_version(4,1) ) { - global $_COOKIE, $_ENV, $_FILES, $_GET, $_POST, $_SERVER, $_SESSION; - global $HTTP_COOKIE_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES, $HTTP_GET_VARS, - $HTTP_POST_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $PHP_SELF; - $_COOKIE =& $HTTP_COOKIE_VARS; - $_ENV =& $HTTP_ENV_VARS; - $_FILES =& $HTTP_POST_FILES; - $_GET =& $HTTP_GET_VARS; - $_POST =& $HTTP_POST_VARS; - $_SERVER =& $HTTP_SERVER_VARS; - $_SESSION =& $HTTP_SESSION_VARS; - if (!isset($PHP_SELF) || empty($PHP_SELF)) { - $PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF']; - } -} - -/* if running with magic_quotes_gpc then strip the slashes - from POST and GET global arrays */ - -if (get_magic_quotes_gpc()) { - sqstripslashes($_GET); - sqstripslashes($_POST); -} - -/* strip any tags added to the url from PHP_SELF. - This fixes hand crafted url XXS expoits for any - page that uses PHP_SELF as the FORM action */ - -$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); -/** - * returns true if current php version is at mimimum a.b.c - * +/** + * returns true if current php version is at mimimum a.b.c + * * Called: check_php_version(4,1) * @param int a major version number * @param int b minor version number * @param int c release number * @return bool */ -function check_php_version ($a = '0', $b = '0', $c = '0') +function check_php_version ($a = '0', $b = '0', $c = '0') { - global $SQ_PHP_VERSION; - - if(!isset($SQ_PHP_VERSION)) - $SQ_PHP_VERSION = substr( str_pad( preg_replace('/\D/','', PHP_VERSION), 3, '0'), 0, 3); - - return $SQ_PHP_VERSION >= ($a.$b.$c); + return version_compare ( PHP_VERSION, "$a.$b.$c", 'ge' ); } /** - * returns true if the current internal SM version is at minimum a.b.c - * These are plain integer comparisons, as our internal version is + * returns true if the current internal SM version is at minimum a.b.c + * These are plain integer comparisons, as our internal version is * constructed by us, as an array of 3 ints. * * Called: check_sm_version(1,3,3) @@ -111,12 +54,14 @@ function check_sm_version($a = 0, $b = 0, $c = 0) global $SQM_INTERNAL_VERSION; if ( !isset($SQM_INTERNAL_VERSION) || $SQM_INTERNAL_VERSION[0] < $a || - $SQM_INTERNAL_VERSION[1] < $b || - ( $SQM_INTERNAL_VERSION[1] == $b && + ( $SQM_INTERNAL_VERSION[0] == $a && + $SQM_INTERNAL_VERSION[1] < $b) || + ( $SQM_INTERNAL_VERSION[0] == $a && + $SQM_INTERNAL_VERSION[1] == $b && $SQM_INTERNAL_VERSION[2] < $c ) ) { return FALSE; - } - return TRUE; + } + return TRUE; } @@ -148,14 +93,7 @@ function sqsession_register ($var, $name) { sqsession_is_active(); - if ( !check_php_version(4,1) ) { - global $HTTP_SESSION_VARS; - $HTTP_SESSION_VARS[$name] = $var; - } - else { - $_SESSION["$name"] = $var; - } - session_register("$name"); + $_SESSION[$name] = $var; } /** @@ -167,13 +105,8 @@ function sqsession_unregister ($name) { sqsession_is_active(); - if ( !check_php_version(4,1) ) { - global $HTTP_SESSION_VARS; - unset($HTTP_SESSION_VARS[$name]); - } - else { - unset($_SESSION[$name]); - } + unset($_SESSION[$name]); + session_unregister("$name"); } @@ -186,77 +119,139 @@ function sqsession_unregister ($name) { function sqsession_is_registered ($name) { $test_name = &$name; $result = false; - if ( !check_php_version(4,1) ) { - global $HTTP_SESSION_VARS; - if (isset($HTTP_SESSION_VARS[$test_name])) { - $result = true; - } - } - else { - if (isset($_SESSION[$test_name])) { - $result = true; - } + + if (isset($_SESSION[$test_name])) { + $result = true; } + return $result; } -define('SQ_INORDER',0); -define('SQ_GET',1); -define('SQ_POST',2); -define('SQ_SESSION',3); -define('SQ_COOKIE',4); -define('SQ_SERVER',5); -define('SQ_FORM',6); +/** + * Retrieves a form variable, from a set of possible similarly named + * form variables, based on finding a different, single field. This + * is intended to allow more than one same-named inputs in a single + *