From 1e12d1ffb4f54350932a17397d38917db21d64df Mon Sep 17 00:00:00 2001 From: ebullient Date: Mon, 3 Mar 2003 05:44:35 +0000 Subject: [PATCH] Lots of changes for variable initialization - clean up, really, for cases where direct referece to vars causes problems with earlier versions. we'll see how much I screwed up, too. git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@4581 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- src/addrbook_search.php | 25 +++++------ src/addrbook_search_html.php | 17 +++----- src/addressbook.php | 40 +++++++----------- src/compose.php | 74 ++++++++++++++------------------- src/download.php | 26 ++++++------ src/folders_create.php | 18 ++++---- src/folders_delete.php | 16 ++++--- src/folders_rename_do.php | 16 ++++--- src/folders_rename_getname.php | 13 +++--- src/folders_subscribe.php | 12 +++--- src/help.php | 11 ++--- src/image.php | 11 +++-- src/move_messages.php | 76 +++++++++++----------------------- src/options.php | 26 ++++-------- src/options_identities.php | 1 + src/options_order.php | 24 +++-------- src/read_body.php | 9 ++-- src/redirect.php | 12 +++--- src/right_main.php | 72 ++++++++++++-------------------- src/view_header.php | 27 ++++++------ src/view_text.php | 35 ++++++++-------- 21 files changed, 221 insertions(+), 340 deletions(-) diff --git a/src/addrbook_search.php b/src/addrbook_search.php index 3eff9318..4e914bee 100644 --- a/src/addrbook_search.php +++ b/src/addrbook_search.php 
@@ -21,24 +21,19 @@ define('SM_PATH','../'); /* SquirrelMail required files. */ require_once(SM_PATH . 'include/validate.php'); require_once(SM_PATH . 'functions/strings.php'); +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/html.php'); /* lets get the global vars we may need */ -$key = $_COOKIE['key']; -$username = $_SESSION['username']; -$onetimepad = $_SESSION['onetimepad']; -$base_uri = $_SESSION['base_uri']; - -sqgetGlobalVar('show' , $show); -if ( isset($_POST['query']) ) { - $query = $_POST['query']; -} -if ( isset($_POST['listall']) ) { - $listall = $_POST['listall']; -} -if ( isset($_POST['backend'] ) ) { - $backend = $_POST['backend']; -} +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); + +sqgetGlobalVar('show' , $show); +sqgetGlobalVar('query', $query, SQ_POST); +sqgetGlobalVar('listall', $listall, SQ_POST); +sqgetGlobalVar('backend', $backend, SQ_POST); /* Function to include JavaScript code */ function insert_javascript() { diff --git a/src/addrbook_search_html.php b/src/addrbook_search_html.php index 3edaac79..8b14ed39 100644 --- a/src/addrbook_search_html.php +++ b/src/addrbook_search_html.php @@ -20,6 +20,7 @@ if (! defined('SM_PATH') ) { /* SquirrelMail required files. */ require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/date.php'); require_once(SM_PATH . 'functions/display_messages.php'); require_once(SM_PATH . 'functions/addressbook.php'); 
@@ -27,17 +28,11 @@ require_once(SM_PATH . 'functions/plugin.php'); require_once(SM_PATH . 'functions/strings.php'); require_once(SM_PATH . 'functions/html.php'); -$session = $_POST['session']; -$mailbox = $_POST['mailbox']; -if ( isset($_POST['addrquery']) ) { - $addrquery = $_POST['addrquery']; -} -if ( isset($_POST['listall']) ) { - $listall = $_POST['listall']; -} -if ( isset($_POST['backend'] ) ) { - $backend = $_POST['backend']; -} +sqgetGlobalVar('session', $session, SQ_POST); +sqgetGlobalVar('mailbox', $mailbox, SQ_POST); +sqgetGlobalVar('addrquery', $addrquery, SQ_POST); +sqgetGlobalVar('listall', $listall, SQ_POST); +sqgetGlobalVar('backend', $backend, SQ_POST); /* Insert hidden data */ function addr_insert_hidden() { diff --git a/src/addressbook.php b/src/addressbook.php index 0cd1f24a..17528d9b 100644 --- a/src/addressbook.php +++ b/src/addressbook.php 
@@ -16,40 +16,28 @@ define('SM_PATH','../'); /* SquirrelMail required files. */ require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/display_messages.php'); require_once(SM_PATH . 'functions/addressbook.php'); require_once(SM_PATH . 'functions/strings.php'); require_once(SM_PATH . 'functions/html.php'); /* lets get the global vars we may need */ -$key = $_COOKIE['key']; +sqgetGlobalVar('key', $key, SQ_COOKIE); -$username = $_SESSION['username']; -$onetimepad = $_SESSION['onetimepad']; -$base_uri = $_SESSION['base_uri']; -$delimiter = $_SESSION['delimiter']; +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); /* From the address form */ -if ( isset($_POST['addaddr']) ) { - $addaddr = &$_POST['addaddr']; -} -if ( isset($_POST['editaddr']) ) { - $editaddr = &$_POST['editaddr']; -} -if ( isset($_POST['deladdr']) ) { - $deladdr = &$_POST['deladdr']; -} -$sel = &$_POST['sel']; - -if (isset($_POST['oldnick'])) { - $oldnick = $_POST['oldnick']; -} -if (isset($_POST['backend'])) { - $backend = $_POST['backend']; -} -if (isset($_POST['doedit'])) { - $doedit = $_POST['doedit']; -} +sqgetGlobalVar('addaddr', $addaddr, SQ_POST); +sqgetGlobalVar('editaddr', $editaddr, SQ_POST); +sqgetGlobalVar('deladdr', $deladdr, SQ_POST); +sqgetGlobalVar('sel', $sel, SQ_POST); +sqgetGlobalVar('oldnick', $oldnick, SQ_POST); +sqgetGlobalVar('backend', $backend, SQ_POST); +sqgetGlobalVar('doedit', $doedit, SQ_POST); /* Make an input field */ function adressbook_inp_field($label, $field, $name, $size, $values, $add) { 
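Review bot: The form arrays `$addaddr`, `$editaddr`, `$deladdr` and `$sel` were bound by reference to `$_POST` before this change and are now filled through `sqgetGlobalVar(..., SQ_POST)`, which presumably hands back a copy (the helper's body is not in this diff). Any later code that edits these variables and then reads `$_POST` again, or the reverse, will no longer see the same data, so the handlers further down the file should be checked. The same applies to `$send_to_search`, `$delete` and the session-backed `$compose_messages` in src/compose.php, where a copy means changes to the attachment list reach the session only if they are registered again explicitly. A comment such as `/* copies, not references: write back explicitly if modified */` above the block would record the new contract.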
@@ -107,7 +95,7 @@ $form_url = 'addressbook.php'; /* Handle user's actions */ -if($_SERVER['REQUEST_METHOD'] == 'POST') { +if(sqgetGlobalVar('REQUEST_METHOD', $req_method, SQ_SERVER) && $req_method == 'POST') { /************************************************** * Add new address * diff --git a/src/compose.php b/src/compose.php index d1ebff50..5be4571e 100644 --- a/src/compose.php +++ b/src/compose.php @@ -22,6 +22,7 @@ define('SM_PATH','../'); /* SquirrelMail required files. */ require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/imap.php'); require_once(SM_PATH . 'functions/date.php'); require_once(SM_PATH . 'functions/mime.php'); @@ -31,17 +32,19 @@ require_once(SM_PATH . 'class/deliver/Deliver.class.php'); require_once(SM_PATH . 'functions/addressbook.php'); /* --------------------- Get globals ------------------------------------- */ -$username = $_SESSION['username']; -$onetimepad = $_SESSION['onetimepad']; -$base_uri = $_SESSION['base_uri']; -$delimiter = $_SESSION['delimiter']; +/** COOKIE VARS */ +sqgetGlobalVar('key', $key, SQ_COOKIE); -if (isset($_POST['return'])) { - $html_addr_search_done = 'Use Addresses'; -} -if ( isset($_SESSION['composesession']) ) { - $composesession = $_SESSION['composesession']; -} +/** SESSION VARS */ +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); + +sqgetGlobalVar('composesession', $composesession, SQ_SESSION); +sqgetGlobalVar('compose_messages', $compose_messages, SQ_SESSION); + +/** SESSION/POST/GET VARS */ sqgetGlobalVar('action',$action); sqgetGlobalVar('session',$session); sqgetGlobalVar('mailbox',$mailbox); 
@@ -60,46 +63,28 @@ sqgetGlobalVar('passed_id',$passed_id); sqgetGlobalVar('passed_ent_id',$passed_ent_id); sqgetGlobalVar('send',$send); -if ( isset($_POST['sigappend']) ) { - $sigappend = $_POST['sigappend']; -} -/* From addressbook search */ -if ( isset($_POST['from_htmladdr_search']) ) { - $from_htmladdr_search = $_POST['from_htmladdr_search']; -} -if ( isset($_POST['addr_search_done']) ) { - $html_addr_search_done = $_POST['addr_search_done']; -} -if ( isset($_POST['send_to_search']) ) { - $send_to_search = &$_POST['send_to_search']; -} - -/* Attachments */ sqgetGlobalVar('attach',$attach); -if ( isset($_POST['do_delete']) ) { - $do_delete = $_POST['do_delete']; -} -if ( isset($_POST['delete']) ) { - $delete = &$_POST['delete']; -} -if ( isset($_SESSION['compose_messages']) ) { - $compose_messages = &$_SESSION['compose_messages']; -} - -/* Forward message as attachment */ -if ( isset($_GET['attachedmessages']) ) { - $attachedmessages = $_GET['attachedmessages']; -} - -/* Drafts */ sqgetGlobalVar('draft',$draft); sqgetGlobalVar('draft_id',$draft_id); sqgetGlobalVar('ent_num',$ent_num); sqgetGlobalVar('saved_draft',$saved_draft); sqgetGlobalVar('delete_draft',$delete_draft); -$key = $_COOKIE['key']; + +/** POST VARS */ +sqgetGlobalVar('sigappend', $sigappend, SQ_POST); +sqgetGlobalVar('from_htmladdr_search', $from_htmladdr_search, SQ_POST); +sqgetGlobalVar('addr_search_done', $html_addr_search_done, SQ_POST); +sqgetGlobalVar('send_to_search', $send_to_search, SQ_POST); +sqgetGlobalVar('do_delete', $do_delete, SQ_POST); +sqgetGlobalVar('delete', $delete, SQ_POST); +if ( sqgetGlobalVar('return', $temp, SQ_POST) ) { + $html_addr_search_done = 'Use Addresses'; +} + +/** GET VARS */ +sqgetGlobalVar('attachedmessages', $attachedmessages, SQ_GET); /* --------------------- Specific Functions ------------------------------ */ 
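Review bot: The precedence between the two sources of `$html_addr_search_done` is reversed by the reordering in this hunk. Previously the `return` check ran first and a posted `addr_search_done` overwrote it; now `addr_search_done` is read first and `if ( sqgetGlobalVar('return', $temp, SQ_POST) )` replaces it with 'Use Addresses'. If both fields can arrive in one request, move the `return` check above the `addr_search_done` line to keep the old result, or add a comment stating that the override is intended.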
@@ -192,7 +177,7 @@ function getforwardHeader($orig_header) { * vars. */ if (sqsession_is_registered('session_expired_post')) { - $session_expired_post = $_SESSION['session_expired_post']; + sqgetGlobalVar('session_expired_post', $session_expired_post, SQ_SESSION); /* * extra check for username so we don't display previous post data from * another user during this session. @@ -1065,9 +1050,10 @@ function showInputForm ($session, $values=false) { store the complete ComposeMessages array in a hidden input value so we can restore them in case of a session timeout. */ + sqgetGlobalVar('QUERY_STRING', $queryString, SQ_SERVER); echo '\n"; echo '\n"; - echo '\n"; + echo '\n"; echo ''; if (!(bool) ini_get('file_uploads')) { /* File uploads are off, so we didn't show that part of the form. diff --git a/src/download.php b/src/download.php index d0331946..16d93dcd 100644 --- a/src/download.php +++ b/src/download.php @@ -24,18 +24,16 @@ header('Pragma: '); header('Cache-Control: cache'); /* globals */ - -$key = $_COOKIE['key']; -$username = $_SESSION['username']; -$onetimepad = $_SESSION['onetimepad']; -$mailbox = $_GET['mailbox']; -$passed_id = (int) $_GET['passed_id']; -$ent_id = $_GET['ent_id']; -$messages = $_SESSION['messages']; - -if (isset($_GET['absolute_dl'])) { - $absolute_dl = $_GET['absolute_dl']; -} +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION); +sqgetGlobalVar('messages', $messages, SQ_SESSION); +sqgetGlobalVar('mailbox', $mailbox, SQ_GET); +sqgetGlobalVar('ent_id', $ent_id, SQ_GET); +sqgetGlobalVar('absolute_dl',$absolute_dl, SQ_GET); +if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) { + $passed_id = (int) $temp; +} /* end globals */ $mailbox = urldecode($mailbox); 
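Review bot: `QUERY_STRING` is taken from the request and read right before the `echo` statements that build the hidden form fields in showInputForm(), so it needs HTML escaping at the point of output. The echo lines are truncated in this view, so I cannot confirm whether that already happens; if it does not, wrap the value, e.g. `htmlspecialchars($queryString, ENT_QUOTES)`. The same check applies to `view_header()` in src/view_header.php, which concatenates `$queryStr` into `$ret_addr`, and to the `$QUERY_STRING` globals read in src/image.php and src/view_text.php. showInputForm() starts and ends outside this hunk.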
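Review bot: `$passed_id` is now cast to int only when `passed_id` is present in the query string, whereas the removed line `(int) $_GET['passed_id']` always produced an integer. When the parameter is missing the variable is never assigned here, and on a server with register_globals enabled a value supplied through another channel would keep its raw string form on the way to `mime_print_body_lines()`. Initialise it first with `$passed_id = 0;`, or write `$passed_id = sqgetGlobalVar('passed_id', $temp, SQ_GET) ? (int) $temp : 0;`. The same pattern appears in src/image.php and src/view_header.php, and `$mailbox` in src/view_header.php and src/view_text.php is likewise left unassigned when absent.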
@@ -149,10 +147,10 @@ mime_print_body_lines ($imapConnection, $passed_id, $ent_id, $encoding); * version of IE. I don't know if it works with Opera, but it should now. */ function DumpHeaders($type0, $type1, $filename, $force) { - global $_SERVER, $languages, $squirrelmail_language; + global $languages, $squirrelmail_language; $isIE = $isIE6 = 0; - $HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT']; + sqgetGlobalVar('HTTP_USER_AGENT', $HTTP_USER_AGENT, SQ_SERVER); if (strstr($HTTP_USER_AGENT, 'compatible; MSIE ') !== false && strstr($HTTP_USER_AGENT, 'Opera') === false) { diff --git a/src/folders_create.php b/src/folders_create.php index 884abd42..a4d5eb4a 100644 --- a/src/folders_create.php +++ b/src/folders_create.php @@ -21,17 +21,13 @@ require_once(SM_PATH . 'functions/imap.php'); require_once(SM_PATH . 'functions/display_messages.php'); /* get globals we may need */ - -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$delimiter = $_SESSION['delimiter']; -$onetimepad = $_SESSION['onetimepad']; -$folder_name = $_POST['folder_name']; -$subfolder = $_POST['subfolder']; -if (isset($_POST['contain_subs'])) { - $contain_subs = $_POST['contain_subs']; -} - +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); +sqgetGlobalVar('folder_name', $folder_name, SQ_POST); +sqgetGlobalVar('subfolder', $subfolder, SQ_POST); +sqgetGlobalVar('contain_subs', $contain_subs, SQ_POST); /* end of get globals */ $folder_name = trim($folder_name); diff --git a/src/folders_delete.php b/src/folders_delete.php index 91b426ac..58e6fe2c 100644 --- a/src/folders_delete.php +++ b/src/folders_delete.php 
@@ -28,13 +28,11 @@ require_once(SM_PATH . 'functions/html.php'); */ /* globals */ -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$delimiter = $_SESSION['delimiter']; -$onetimepad = $_SESSION['onetimepad']; - -$mailbox = $_POST['mailbox']; - +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); +sqgetGlobalVar('mailbox', $mailbox, SQ_POST); /* end globals */ if ($mailbox == '') { @@ -45,13 +43,13 @@ if ($mailbox == '') { exit; } -if (isset($_POST['backingout'])) { +if ( sqgetGlobalVar('backingout', $tmp, SQ_POST) ) { $location = get_location(); header ("Location: $location/folders.php"); exit; } -if(!isset($_POST['confirmed'])) { +if( !sqgetGlobalVar('confirmed', $tmp, SQ_POST) ) { displayPageHeader($color, 'None'); echo '
' . diff --git a/src/folders_rename_do.php b/src/folders_rename_do.php index 89b0a117..5c0c3937 100644 --- a/src/folders_rename_do.php +++ b/src/folders_rename_do.php @@ -21,15 +21,13 @@ require_once(SM_PATH . 'functions/imap.php'); require_once(SM_PATH . 'functions/display_messages.php'); /* globals */ -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$delimiter = $_SESSION['delimiter']; -$onetimepad = $_SESSION['onetimepad']; - -$orig = $_POST['orig']; -$old_name = $_POST['old_name']; -$new_name = $_POST['new_name']; - +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('orig', $orig, SQ_POST); +sqgetGlobalVar('old_name', $old_name, SQ_POST); +sqgetGlobalVar('new_name', $new_name, SQ_POST); /* end globals */ $new_name = trim($new_name); diff --git a/src/folders_rename_getname.php b/src/folders_rename_getname.php index 7d2ba241..7603d6c8 100644 --- a/src/folders_rename_getname.php +++ b/src/folders_rename_getname.php @@ -22,14 +22,11 @@ require_once(SM_PATH . 'functions/html.php'); require_once(SM_PATH . 'functions/display_messages.php'); /* get globals we may need */ - -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$delimiter = $_SESSION['delimiter']; -$onetimepad = $_SESSION['onetimepad']; - -$old = $_POST['old']; - +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); +sqgetGlobalVar('old', $old, SQ_POST); /* end of get globals */ if ($old == '') { diff --git a/src/folders_subscribe.php b/src/folders_subscribe.php index 75efb8c4..724a63ed 100644 --- a/src/folders_subscribe.php +++ b/src/folders_subscribe.php 
@@ -21,13 +21,11 @@ require_once(SM_PATH . 'functions/imap.php'); require_once(SM_PATH . 'functions/display_messages.php'); /* globals */ -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$onetimepad = $_SESSION['onetimepad']; - -$method = $_GET['method']; -$mailbox = $_POST['mailbox']; - +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('method', $method, SQ_GET); +sqgetGlobalVar('mailbox', $mailbox, SQ_POST); /* end globals */ $location = get_location(); diff --git a/src/help.php b/src/help.php index 177e1616..c3e5835d 100644 --- a/src/help.php +++ b/src/help.php @@ -128,13 +128,10 @@ if (file_exists("../help/$squirrelmail_language")) { * else see if we can get a relevant chapter from the referer */ $chapter = 0; -if ( isset( $_GET['chapter'] ) ) -{ - $chapter = intval( $_GET['chapter']); -} -elseif (isset($_SERVER['HTTP_REFERER'])) -{ - $ref = strtolower($_SERVER['HTTP_REFERER']); +if ( sqgetGlobalVar('chapter', $temp, SQ_GET) ) { + $chapter = (int) $temp; +} elseif ( sqgetGlobalVar('HTTP_REFERER', $temp, SQ_SERVER) ) { + $ref = strtolower($temp); $contexts = array ( 'src/compose' => 4, 'src/addr' => 5, 'src/folders' => 6, 'src/options' => 7, 'src/right_main' => 2, diff --git a/src/image.php b/src/image.php index 5702e448..574c9adc 100644 --- a/src/image.php +++ b/src/image.php @@ -16,6 +16,7 @@ define('SM_PATH','../'); /* SquirrelMail required files. */ require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/date.php'); require_once(SM_PATH . 'functions/page_header.php'); require_once(SM_PATH . 'functions/html.php'); 
@@ -24,10 +25,12 @@ require_once(SM_PATH . 'include/load_prefs.php'); displayPageHeader($color, 'None'); /* globals */ -$mailbox = $_GET['mailbox']; -$passed_id = (int) $_GET['passed_id']; -$ent_id = $_GET['ent_id']; -$QUERY_STRING = $_SERVER['QUERY_STRING']; +if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) { + $passed_id = (int) $temp; +} +sqgetGlobalVar('mailbox', $mailbox, SQ_GET); +sqgetGlobalVar('ent_id', $ent_id, SQ_GET); +sqgetGlobalVar('QUERY_STRING', $QUERY_STRING, SQ_SERVER); /* end globals */ echo '
' . diff --git a/src/move_messages.php b/src/move_messages.php index c7c159f2..0e7f51d1 100644 --- a/src/move_messages.php +++ b/src/move_messages.php @@ -22,11 +22,10 @@ require_once(SM_PATH . 'functions/html.php'); global $compose_new_win; -if (isset($_SESSION['composesession'])) { - $composesession = $_SESSION['composesession']; -} else { - $composesession = 0; -} +if ( !sqgetGlobalVar('composesession', $composesession, SQ_SESSION) ) { + $composesession = 0; +} + /* obsolete ?? */ function putSelectedMessagesIntoString($msg) { $j = 0; 
@@ -119,57 +118,30 @@ function attachSelectedMessages($msg, $imapConnection) { /* get globals */ +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); +sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$onetimepad = $_SESSION['onetimepad']; -$base_uri = $_SESSION['base_uri']; -$delimiter = $_SESSION['delimiter']; +sqgetGlobalVar('mailbox', $mailbox); +sqgetGlobalVar('startMessage', $startMessage); +sqgetGlobalVar('msg', $msg); -sqGetGlobalVar('mailbox', $mailbox); -sqGetGlobalVar('startMessage', $startMessage); -sqGetGlobalVar('msg', $msg); - -if (isset($_POST['moveButton'])) { - $moveButton = $_POST['moveButton']; -} - -if (isset($_SESSION['msgs'])) { - $msgs = $_SESSION['msgs']; -} - -if (isset($_POST['expungeButton'])) { - $expungeButton = $_POST['expungeButton']; -} -if (isset($_POST['targetMailbox'])) { - $targetMailbox = $_POST['targetMailbox']; -} -if (isset($_SESSION['lastTargetMailbox'])) { - $lastTargetMailbox = $_SESSION['lastTargetMailbox']; -} -if (isset($_POST['expungeButton'])) { - $expungeButton = $_POST['expungeButton']; -} -if (isset($_POST['undeleteButton'])) { - $undeleteButton = $_POST['undeleteButton']; -} -if (isset($_POST['markRead'])) { - $markRead = $_POST['markRead']; -} -if (isset($_POST['markUnread'])) { - $markUnread = $_POST['markUnread']; -} -if (isset($_POST['attache'])) { - $attache = $_POST['attache']; -} +sqgetGlobalVar('msgs', $msgs, SQ_SESSION); +sqgetGlobalVar('composesession', $composesession, SQ_SESSION); +sqgetGlobalVar('lastTargetMailbox', $lastTargetMailbox, SQ_SESSION); -if (isset($_POST['location'])) { - $location = $_POST['location']; -} +sqgetGlobalVar('moveButton', $moveButton, SQ_POST); +sqgetGlobalVar('expungeButton', $expungeButton, SQ_POST); +sqgetGlobalVar('targetMailbox', $targetMailbox, SQ_POST); 
+sqgetGlobalVar('expungeButton', $expungeButton, SQ_POST); +sqgetGlobalVar('undeleteButton', $undeleteButton, SQ_POST); +sqgetGlobalVar('markRead', $markRead, SQ_POST); +sqgetGlobalVar('markUnread', $markUnread, SQ_POST); +sqgetGlobalVar('attache', $attache, SQ_POST); +sqgetGlobalVar('location', $location, SQ_POST); -if (isset($_SESSION['composesession'])) { - $composesession = $_SESSION['composesession']; -} /* end of get globals */ $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0); diff --git a/src/options.php b/src/options.php index f2a8b112..c6dd5c7d 100644 --- a/src/options.php +++ b/src/options.php @@ -17,6 +17,7 @@ define('SM_PATH','../'); /* SquirrelMail required files. */ require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/display_messages.php'); require_once(SM_PATH . 'functions/imap.php'); require_once(SM_PATH . 'functions/options.php'); 
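Review bot: `sqgetGlobalVar('expungeButton', $expungeButton, SQ_POST);` appears twice in the new block, carried over from the duplicated `isset` check it replaces, and `composesession` is fetched a second time although the top of the file already reads it with a default of 0. Both repeats can be dropped. Separately, `$location` is taken straight from POST; its use is outside this hunk, but if it ends up in a redirect header or a link it should be validated against the application's own paths first.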
@@ -115,23 +116,14 @@ function print_optionpages_row($leftopt, $rightopt = false) { /* ---------------------------- main ---------------------------- */ /* get the globals that we may need */ -if (isset($_GET['optpage'])) { - $optpage = $_GET['optpage']; -} -elseif (isset($_POST['optpage'])) { - $optpage = $_POST['optpage']; -} -if (isset($_POST['optmode'])) { - $optmode = $_POST['optmode']; -} -if (isset($_POST['optpage_data'])) { - $optpage_data = $_POST['optpage_data']; -} -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$onetimepad = $_SESSION['onetimepad']; -$delimiter = $_SESSION['delimiter']; - +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); + +sqgetGlobalVar('optpage', $optpage); +sqgetGlobalVar('optmode', $optmode, SQ_POST); +sqgetGlobalVar('optpage_data',$optpage_data, SQ_POST); /* end of getting globals */ /* Make sure we have an Option Page set. Default to main. */ diff --git a/src/options_identities.php b/src/options_identities.php index 877df44d..59b34fba 100644 --- a/src/options_identities.php +++ b/src/options_identities.php @@ -16,6 +16,7 @@ define('SM_PATH','../'); /* SquirrelMail required files. */ require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/display_messages.php'); require_once(SM_PATH . 'functions/html.php'); diff --git a/src/options_order.php b/src/options_order.php index 0e5d31e5..7309da7b 100644 --- a/src/options_order.php +++ b/src/options_order.php 
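Review bot: `sqgetGlobalVar('optpage', $optpage);` changes which source wins when the value is present in more than one place. The removed code read GET first and fell back to POST; the two-argument form searches in the helper's default order, which is not shown in this diff but is labelled 'SESSION/POST/GET VARS' in src/compose.php. The same substitution is made for `submit` and `method` in src/options_order.php and for `startMessage`, `mailbox` and `PG_SHOWNUM` in src/right_main.php, where the old code preferred GET over the session value for `PG_SHOWNUM`. If the default order checks the session first, a `PG_SHOWNUM` passed in the URL would be ignored once a session value exists, so either confirm the order or keep the explicit GET-then-fallback reads.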
@@ -16,30 +16,18 @@ define('SM_PATH','../'); /* SquirrelMail required files. */ require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/display_messages.php'); require_once(SM_PATH . 'functions/imap.php'); require_once(SM_PATH . 'functions/plugin.php'); require_once(SM_PATH . 'functions/html.php'); /* get globals */ -if (isset($_GET['num'])) { - $num = $_GET['num']; -} -if (isset($_GET['method'])) { - $method = $_GET['method']; -} -elseif (isset($_POST['method'])) { - $method = $_POST['method']; -} -if (isset($_POST['add'])) { - $add = $_POST['add']; -} -if (isset($_GET['submit'])) { - $submit = $_GET['submit']; -} -elseif (isset($_POST['submit'])) { - $submit = $_POST['submit']; -} +sqgetGlobalVar('num', $num, SQ_GET); +sqgetGlobalVar('add', $add, SQ_POST); + +sqgetGlobalVar('submit', $submit); +sqgetGlobalVar('method', $method); /* end of get globals */ displayPageHeader($color, 'None'); diff --git a/src/read_body.php b/src/read_body.php index 93b078d5..c3a2ec76 100644 --- a/src/read_body.php +++ b/src/read_body.php @@ -643,12 +643,12 @@ function formatToolbar($mailbox, $passed_id, $passed_ent_id, $message, $color) { /* get the globals we may need */ -/** SESSION VARS */ +sqgetGlobalVar('key', $key, SQ_COOKIE); sqgetGlobalVar('username', $username, SQ_SESSION); sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); -sqgetGlobalVar('msgs', $msgs, SQ_SESSION); -sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); +sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); + sqgetGlobalVar('msgs', $msgs, SQ_SESSION); sqgetGlobalVar('msort', $msort, SQ_SESSION); sqgetGlobalVar('lastTargetMailbox', $lastTargetMailbox, SQ_SESSION); 
@@ -657,9 +657,6 @@ if (!sqgetGlobalVar('messages', $messages, SQ_SESSION) ) { $messages = array(); } -/** COOKIE VARS */ -sqgetGlobalVar('key', $key, SQ_COOKIE); - /** GET VARS */ sqgetGlobalVar('sendreceipt', $sendreceipt, SQ_GET); sqgetGlobalVar('where', $where, SQ_GET); diff --git a/src/redirect.php b/src/redirect.php index 6ed15fc9..a18df0e0 100644 --- a/src/redirect.php +++ b/src/redirect.php @@ -16,6 +16,7 @@ define('SM_PATH','../'); /* SquirrelMail required files. */ +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/i18n.php'); require_once(SM_PATH . 'functions/strings.php'); require_once(SM_PATH . 'config/config.php'); @@ -24,10 +25,9 @@ require_once(SM_PATH . 'functions/imap.php'); require_once(SM_PATH . 'functions/plugin.php'); require_once(SM_PATH . 'functions/constants.php'); require_once(SM_PATH . 'functions/page_header.php'); -require_once(SM_PATH . 'functions/global.php'); // Remove slashes if PHP added them -$REQUEST_METHOD = $_SERVER['REQUEST_METHOD']; +sqgetGlobalVar('REQUEST_METHOD', $REQUEST_METHOD, SQ_SERVER); if (get_magic_quotes_gpc()) { if ($REQUEST_METHOD == 'POST') { RemoveSlashes($_POST); @@ -68,7 +68,7 @@ setcookie('squirrelmail_language', $squirrelmail_language, time()+2592000, $base_uri); if (!isset($login_username)) { - include_once( '../functions/display_messages.php' ); + include_once(SM_PATH . 'functions/display_messages.php' ); logout_error( _("You must be logged in to access this page.") ); exit; } @@ -120,9 +120,9 @@ sqsession_register($attachment_common_types_parsed, 'attachment_common_types_par $debug = false; -if (isset($_SERVER['HTTP_ACCEPT']) && - !isset($attachment_common_types_parsed[$_SERVER['HTTP_ACCEPT']])) { - attachment_common_parse($_SERVER['HTTP_ACCEPT'], $debug); +if ( sqgetGlobalVar('HTTP_ACCEPT', $http_accept, SQ_SERVER) && + !isset($attachment_common_types_parsed[$http_accept]) ) { + attachment_common_parse($http_accept, $debug); } /* Complete autodetection of Javascript. */ 
diff --git a/src/right_main.php b/src/right_main.php
index c634e075..1a99b0bd 100644
--- a/src/right_main.php
+++ b/src/right_main.php
@@ -41,58 +41,38 @@ require_once(SM_PATH . 'functions/html.php'); /* lets get the global vars we may need */ -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$onetimepad = $_SESSION['onetimepad']; -$base_uri = $_SESSION['base_uri']; -$delimiter = $_SESSION['delimiter']; - -if (isset($_GET['startMessage'])) { - $startMessage = (int) $_GET['startMessage']; -} elseif (isset($_POST['startMessage'])) { - $startMessage = (int) $_POST['startMessage']; -} -if (isset($_GET['mailbox'])) { - $mailbox = $_GET['mailbox']; -} else if (isset($_POST['mailbox'])) { - $mailbox = $_POST['mailbox']; -} -if (isset($_GET['PG_SHOWNUM'])) { - $PG_SHOWNUM = (int) $_GET['PG_SHOWNUM']; -} -elseif (isset($_SESSION['PG_SHOWNUM'])) { - $PG_SHOWNUM = (int) $_SESSION['PG_SHOWNUM']; -} -if (isset($_GET['PG_SHOWALL'])) { - $PG_SHOWALL = (int) $_GET['PG_SHOWALL']; -} -if (isset($_GET['newsort'])) { - $newsort = (int) $_GET['newsort']; -} -if (isset($_GET['composenew'])) { - $composenew = $_GET['composenew']; -} else { - $composenew = false; -} +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad',$onetimepad, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); +sqgetGlobalVar('base_uri', $base_uri, SQ_SESSION); -if (isset($_GET['checkall'])) { - $checkall = (int) $_GET['checkall']; +sqgetGlobalVar('mailbox', $mailbox); +sqgetGlobalVar('lastTargetMailbox', $lastTargetMailbox, SQ_SESSION); +sqgetGlobalVar('session', $session, SQ_GET); +sqgetGlobalVar('note', $note, SQ_GET); + +if ( sqgetGlobalVar('startMessage', $temp) ) { + $startMessage = (int) $temp; } -if (isset($_GET['set_thread'])) { - $set_thread = (int) $_GET['set_thread']; +if ( sqgetGlobalVar('PG_SHOWNUM', $temp) ) { + $PG_SHOWNUM = (int) $temp; } -if (isset($_SESSION['lastTargetMailbox'])) { - $lastTargetMailbox =$_SESSION['lastTargetMailbox']; +if ( sqgetGlobalVar('PG_SHOWALL', $temp, SQ_GET) ) { + $PG_SHOWALL = (int) $temp; } - -if 
(isset($_GET['session'])) { - $session = $_GET['session']; +if ( sqgetGlobalVar('newsort', $temp, SQ_GET) ) { + $newsort = (int) $temp; } - -if (isset($_GET['note'])) { - $note = $_GET['note']; +if ( sqgetGlobalVar('checkall', $temp, SQ_GET) ) { + $checkall = (int) $temp; +} +if ( sqgetGlobalVar('set_thread', $temp, SQ_GET) ) { + $set_thread = (int) $temp; +} +if ( !sqgetGlobalVar('composenew', $composenew, SQ_GET) ) { + $composenew = false; } - /* end of get globals */ diff --git a/src/view_header.php b/src/view_header.php index 8a4dc046..486a2220 100644 --- a/src/view_header.php +++ b/src/view_header.php @@ -76,7 +76,8 @@ function parse_viewheader($imapConnection,$id, $passed_ent_id) { } function view_header($header, $mailbox, $color) { - $ret_addr = SM_PATH . 'src/read_body.php?'.$_SERVER['QUERY_STRING']; + sqgetGlobalVar('QUERY_STRING', $queryStr, SQ_SERVER); + $ret_addr = SM_PATH . 'src/read_body.php?'.$queryStr; displayPageHeader($color, $mailbox); @@ -102,19 +103,19 @@ function view_header($header, $mailbox, $color) { } /* get global vars */ -$passed_id = $_GET['passed_id']; -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$delimiter = $_SESSION['delimiter']; -$onetimepad = $_SESSION['onetimepad']; - -if (!isset($_GET['passed_ent_id'])) { - $passed_ent_id = ''; -} else { - $passed_ent_id = $_GET['passed_ent_id']; +if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) { + $passed_id = (int) $temp; } - -$mailbox = urldecode($_GET['mailbox']); +if ( sqgetGlobalVar('mailbox', $temp, SQ_GET) ) { + $mailbox = urldecode($temp); +} +if ( !sqgetGlobalVar('passed_ent_id', $passed_ent_id, SQ_GET) ) { + $passed_ent_id = ''; +} +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0); 
diff --git a/src/view_text.php b/src/view_text.php index 803c4ac3..a333a1eb 100644 --- a/src/view_text.php +++ b/src/view_text.php @@ -18,29 +18,30 @@ define('SM_PATH','../'); /* SquirrelMail required files. */ require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/global.php'); require_once(SM_PATH . 'functions/imap.php'); require_once(SM_PATH . 'functions/mime.php'); require_once(SM_PATH . 'functions/html.php'); - -$mailbox = urldecode($_GET['mailbox']); -if (!isset($_GET['passed_ent_id'])) { - $passed_ent_id = ''; -} else { - $passed_ent_id = $_GET['passed_ent_id']; + +sqgetGlobalVar('key', $key, SQ_COOKIE); +sqgetGlobalVar('username', $username, SQ_SESSION); +sqgetGlobalVar('onetimepad', $onetimepad, SQ_SESSION); +sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); +sqgetGlobalVar('QUERY_STRING', $QUERY_STRING, SQ_SERVER); +sqgetGlobalVar('messages', $messages); +sqgetGlobalVar('passed_id', $passed_id, SQ_GET); + +if ( sqgetGlobalVar('mailbox', $temp, SQ_GET) ) { + $mailbox = urldecode($temp); } -$passed_id = $_GET['passed_id']; -if (isset($_GET['ent_id'])) { - $ent_id = $_GET['ent_id']; -} else { - $ent_id = ''; +if ( !sqgetGlobalVar('ent_id', $ent_id, SQ_GET) ) { + $ent_id = ''; } +if ( !sqgetGlobalVar('passed_ent_id', $passed_ent_id, SQ_GET) ) { + $passed_ent_id = ''; +} + -$username = $_SESSION['username']; -$key = $_COOKIE['key']; -$delimiter = $_SESSION['delimiter']; -$onetimepad = $_SESSION['onetimepad']; -$QUERY_STRING = $_SERVER['QUERY_STRING']; -sqgetGlobalVar('messages', $messages); $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0); $mbx_response = sqimap_mailbox_select($imapConnection, $mailbox); -- 2.25.1
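Review bot: `sqgetGlobalVar('passed_id', $passed_id, SQ_GET);` keeps the message id as an uncast string, while src/view_header.php and src/download.php in this same commit cast it with `(int)`. The id is presumably handed to the IMAP calls that follow the login at the end of this hunk, so it should be forced to an integer here as well: `if ( sqgetGlobalVar('passed_id', $temp, SQ_GET) ) { $passed_id = (int) $temp; }`. `urldecode($temp)` on `$mailbox` also decodes a value that PHP has already decoded once when filling `$_GET`, so a mailbox name containing a literal `%` sequence would be altered; that predates this change but deserves a comment or removal.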