X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=plugins%2Fsquirrelspell%2Fsqspell_interface.php;h=2311efcdfe5b6195ddced7b0555ca1a5372585ed;hp=3ea858c4e0ff827cc048e35dcf414e69114dd29f;hb=8a9f9d0964e91d21ffd490b105a011687d8c729f;hpb=fb0abd31769201a87860ec54c123e3a729a38518

diff --git a/plugins/squirrelspell/sqspell_interface.php b/plugins/squirrelspell/sqspell_interface.php
index 3ea858c4..2311efcd 100644
--- a/plugins/squirrelspell/sqspell_interface.php
+++ b/plugins/squirrelspell/sqspell_interface.php
@@ -1,48 +1,60 @@
 <?php
 
-   /**
-    **  sqspell_interface.php -- Main wrapper for the pop-up.
-    **
-    **  Copyright (c) 1999-2002 The SquirrelMail development team
-    **  Licensed under the GNU GPL. For full terms see the file COPYING.
-    **
-    **   This is a main wrapper for the pop-up window interface of
-    **   SquirrelSpell.    
-    **
-    **  $Id$
-    **/
+/**
+ * sqspell_interface.php
+ *
+ * Main wrapper for the pop-up.
+ *
+ * Copyright (c) 1999-2002 The SquirrelMail development team
+ * Licensed under the GNU GPL. For full terms see the file COPYING.
+ *
+ * This is a main wrapper for the pop-up window interface of
+ * SquirrelSpell.    
+ *
+ * $Id$
+ *
+ * @author Konstantin Riabitsev <icon@duke.edu> ($Author$)
+ * @version $Date$
+ */
 
-    /*    	
-    ** Set up a couple of non-negotiable constants. Don't change these,
-    ** the setuppable stuff is in sqspell_config.php
-    */
-    $SQSPELL_DIR='squirrelspell';
-    $SQSPELL_CRYPTO=FALSE;
+/**    	
+ * Set up a couple of non-negotiable constants and
+ * defaults. Don't change these, * the setuppable stuff is in
+ * sqspell_config.php
+ */
+$SQSPELL_DIR='plugins/squirrelspell/';
+$SQSPELL_CRYPTO=FALSE;
     
-    /* Load the necessary stuff. */
-    chdir('..');
-    require_once('../src/validate.php');
-    require_once('../src/load_prefs.php');
-    require_once("$SQSPELL_DIR/sqspell_config.php");
-    require_once("$SQSPELL_DIR/sqspell_functions.php");
-    
-    /*
-    ** Now load the necessary module from the modules dir.
-    **
-    */
-    if (!$MOD) 
-        $MOD='init';
+/**
+ * Load the stuff needed from squirrelmail
+ */
+
+define('SM_PATH','../../');
+
+/* SquirrelMail required files. */
+require_once(SM_PATH . 'include/validate.php');
+require_once(SM_PATH . 'include/load_prefs.php');
+require_once(SM_PATH . $SQSPELL_DIR . 'sqspell_config.php');
+require_once(SM_PATH . $SQSPELL_DIR . 'sqspell_functions.php');
     
-    /*
-    ** see if someone is attempting to be nasty by trying to get out of the
-    ** modules directory, although it probably wouldn't do them any good,
-    ** since every module has to end with .mod. Still, they deserve
-    ** to be warned. ;)
-    */
-    if (strstr($MOD, '.') || strstr($MOD, '/') || strstr($MOD, '%')){ 
-    	echo _("SECURITY BREACH ON DECK 5! CMDR TUVOK AND SECURITY TEAM REQUESTED.");
-        exit;
-    }
-    /* fetch the module now. */
-    require_once("$SQSPELL_DIR/modules/$MOD.mod");
+/**
+ * $MOD is the name of the module to invoke.
+ * If $MOD is undefined, use "init", else check for security
+ * breaches.
+ */
+if(isset($_POST['MOD'])) {
+    $MOD = $_POST['MOD'];
+} elseif (isset($_GET['MOD'])) {
+    $MOD = $_GET['MOD'];
+} 
+
+if (!isset($MOD) || !$MOD){
+    $MOD='init';
+} else {
+    sqspell_ckMOD($MOD);
+}
+
+/* Include the module. */
+require_once(SM_PATH . $SQSPELL_DIR . "modules/$MOD.mod");
+
 ?>