X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fglobal.php;h=d211773c2e091fe625eff920b0b63367e7ef5512;hp=fcaceff04b7594900f4d641222ae93ff1e8dc1a8;hb=475bcb51d681738f4978b47e05d88eb25cba4b1c;hpb=513db22cda75e4b47b441baa128d09e4c51df7e9 diff --git a/functions/global.php b/functions/global.php index fcaceff0..d211773c 100644 --- a/functions/global.php +++ b/functions/global.php @@ -1,129 +1,852 @@ 0) { + foreach ($array as $index=>$value) { + if (is_array($array[$index])) { + sqstripslashes($array[$index]); + } + else { + $array[$index] = stripslashes($value); + } + } + } +} + +/** + * Squelch error output to screen (only) for the given function. + * If the SquirrelMail debug mode SM_DEBUG_MODE_ADVANCED is not + * enabled, error output will not go to the log, either. + * + * This provides an alternative to the @ error-suppression + * operator where errors will not be shown in the interface + * but will show up in the server log file (assuming the + * administrator has configured PHP logging). + * + * @since 1.4.12 and 1.5.2 + * + * @param string $function The function to be executed + * @param array $args The arguments to be passed to the function + * (OPTIONAL; default no arguments) + * NOTE: The caller must take extra action if + * the function being called is supposed + * to use any of the parameters by + * reference. In the following example, + * $x is passed by reference and $y is + * passed by value to the "my_func" + * function. + * sq_call_function_suppress_errors('my_func', array(&$x, $y)); + * + * @return mixed The return value, if any, of the function being + * executed will be returned. + * + */ +function sq_call_function_suppress_errors($function, $args=NULL) { + global $sm_debug_mode; + + $display_errors = ini_get('display_errors'); + ini_set('display_errors', '0'); + + // if advanced debug mode isn't enabled, don't log the error, either + // + if (!($sm_debug_mode & SM_DEBUG_MODE_ADVANCED)) + $error_reporting = error_reporting(0); + + $ret = call_user_func_array($function, $args); + + if (!($sm_debug_mode & SM_DEBUG_MODE_ADVANCED)) + error_reporting($error_reporting); + + ini_set('display_errors', $display_errors); + return $ret; +} + +/** + * Add a variable to the session. + * @param mixed $var the variable to register + * @param string $name the name to refer to this variable + * @return void + */ +function sqsession_register ($var, $name) { + + sqsession_is_active(); + + $_SESSION[$name] = $var; +} + +/** + * Delete a variable from the session. + * @param string $name the name of the var to delete + * @return void + */ +function sqsession_unregister ($name) { + + sqsession_is_active(); + + unset($_SESSION[$name]); + session_unregister("$name"); +} -/* convert old-style superglobals to current method - * this is executed if you are running PHP 4.0.x. - * it is run via a require_once directive in validate.php - * and redirect.php. Patch submitted by Ray Black. - */ +/** + * Checks to see if a variable has already been registered + * in the session. + * @param string $name the name of the var to check + * @return bool whether the var has been registered + */ +function sqsession_is_registered ($name) { + $test_name = &$name; + $result = false; -if ( (float)substr(PHP_VERSION,0,3) < 4.1 ) { - global $_COOKIE, $_ENV, $_FILES, $_GET, $_POST, $_SERVER, $_SESSION; - global $HTTP_COOKIE_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES, $HTTP_GET_VARS, - $HTTP_POST_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS; - $_COOKIE =& $HTTP_COOKIE_VARS; - $_ENV =& $HTTP_ENV_VARS; - $_FILES =& $HTTP_POST_FILES; - $_GET =& $HTTP_GET_VARS; - $_POST =& $HTTP_POST_VARS; - $_SERVER =& $HTTP_SERVER_VARS; - $_SESSION =& $HTTP_SESSION_VARS; + if (isset($_SESSION[$test_name])) { + $result = true; + } + + return $result; } -/* if running with register_globals = 0 and - magic_quotes_gpc then strip the slashes - from POST and GET global arrays */ -if (get_magic_quotes_gpc()) { - if (ini_get('register_globals') == 0) { - sqstripslashes($_GET); - sqstripslashes($_POST); +/** + * Retrieves a form variable, from a set of possible similarly named + * form variables, based on finding a different, single field. This + * is intended to allow more than one same-named inputs in a single + *