rg=0

plugins/squirrelspell/sqspell_config.php

@@ -13,7 +13,13 @@
 require_once(SM_PATH . 'functions/prefs.php');
 
 /* Just for poor wretched souls with E_ALL. :) */
-global $username, $data_dir;
+global $data_dir;
+
+if ( (float)substr(PHP_VERSION,0,3) < 4.1 ) {
+    global $_SESSION;
+}
+
+$username = $_SESSION['username'];
 
 /**
  * Example:

plugins/squirrelspell/sqspell_functions.php

@@ -26,7 +26,18 @@
  * @return            void
  */
 function sqspell_makePage($title, $scriptsrc, $body){
-  global $color, $SQSPELL_VERSION, $MOD;
+  global $color, $SQSPELL_VERSION;
+
+  if ( (float)substr(PHP_VERSION,0,3) < 4.1 ) {
+      global $_GET;
+  }
+  if (isset($_GET['MOD'])) {
+      $MOD = $_GET['MOD'];
+  }
+  else {
+      $MOD = 'options_main';
+  }
+
   displayPageHeader($color, 'None');  
   echo "&nbsp;<br>\n";
   /**
@@ -331,9 +342,12 @@ function sqspell_getWords(){
      * the user's old mailbox password. I admin, this is rather dirty,
      * but efficient. ;)
      */
-    global $key, $onetimepad, $old_key;
-    if ($old_key) {
-      $clear_key=$old_key;
+    $key = $_COOKIE['key'];
+    $onetimepad = $_SESSION['onetimepad'];
+    $old_key = $_POST['old_key'];
+
+    if ($old_key != '') {
+        $clear_key=$old_key;
     } else {
       /**
        * Get user's password (the key).
@@ -443,7 +457,9 @@ function sqspell_writeWords($words){
      * User wants to encrypt the file. So be it.
      * Get the user's password to use as a key.
      */
-    global $key, $onetimepad;
+    $key = $_COOKIE['key'];
+    $onetimepad = $_SESSION['onetimepad'];
+
     $clear_key=OneTimePadDecrypt($key, $onetimepad);
     /**
      * Try encrypting it. If fails, scream bloody hell.

plugins/squirrelspell/sqspell_interface.php

@@ -42,6 +42,12 @@ require_once(SM_PATH . $SQSPELL_DIR . 'sqspell_functions.php');
  * If $MOD is undefined, use "init", else check for security
  * breaches.
  */
+if(isset($_POST['MOD'])) {
+    $MOD = $_POST['MOD'];
+} elseif (isset($_GET['MOD'])) {
+    $MOD = $_GET['MOD'];
+} 
+
 if (!isset($MOD) || !$MOD){
     $MOD='init';
 } else {

plugins/squirrelspell/sqspell_options.php

@@ -38,7 +38,13 @@ require_once(SM_PATH . $SQSPELL_DIR . 'sqspell_functions.php');
  * If $MOD is unspecified, assign "init" to it. Else check for
  * security breach attempts.
  */
-if (!isset($MOD) || !$MOD){
+if(isset($_POST['MOD'])) {
+    $MOD = $_POST['MOD'];
+} elseif (isset($_GET['MOD'])) {
+    $MOD = $_GET['MOD'];
+}
+
+if(!isset($MOD) || !$MOD) {
   $MOD = 'options_main';
 } else {
   sqspell_ckMOD($MOD);