More rg=0

functions/options.php

@@ -90,8 +90,8 @@ class SquirrelOption {
         }
 
         /* Check for a new value. */
-        if (isset($GLOBALS["new_$name"])) {
-            $this->new_value = $GLOBALS["new_$name"];
+        if (isset($_POST["new_$name"])) {
+            $this->new_value = $_POST["new_$name"];
         } else {
             $this->new_value = '';
         }
@@ -294,11 +294,13 @@ class SquirrelOption {
 }
 
 function save_option($option) {
-    global $data_dir, $username;
-    setPref($data_dir, $username, $option->name, $option->new_value);
+    if ( (float)substr(PHP_VERSION,0,3) < 4.1 ) {
+        global $_SESSION;
+    }
+    global $data_dir;
+    $username = $_SESSION['username'];
 
-    /* I do not know if this next line does any good. */
-    $GLOBALS[$option->name] = $option->new_value;
+    setPref($data_dir, $username, $option->name, $option->new_value);
 }
 
 function save_option_noop($option) {

functions/page_header.php

@@ -14,11 +14,21 @@
 require_once(SM_PATH . 'functions/strings.php');
 require_once(SM_PATH . 'functions/html.php');
 require_once(SM_PATH . 'functions/imap_mailbox.php');
+require_once(SM_PATH . 'functions/global.php');
 
 /* Always set up the language before calling these functions */
 function displayHtmlHeader( $title = 'SquirrelMail', $xtra = '', $do_hook = TRUE ) {
 
-    global $theme_css, $custom_css, $base_uri;
+    if ( (float)substr(PHP_VERSION,0,3) < 4.1 ) {
+            global $_SESSION;
+    }
+    if (isset($_SESSION['base_uri'])) {
+        $base_uri = $_SESSION['base_uri'];
+    }
+    else {
+        global $base_uri;
+    }
+    global $theme_css, $custom_css;
 
     echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">' .
          "\n\n<HTML>\n<HEAD>\n";
@@ -41,8 +51,11 @@ function displayHtmlHeader( $title = 'SquirrelMail', $xtra = '', $do_hook = TRUE
 
 
 function displayInternalLink($path, $text, $target='') {
-    global $base_uri;
+    if ( (float)substr(PHP_VERSION,0,3) < 4.1 ) {
+            global $_SESSION;
+    }
 
+    $base_uri = $_SESSION['base_uri']; 
     if ($target != '') {
         $target = " target=\"$target\"";
     }
@@ -51,10 +64,16 @@ function displayInternalLink($path, $text, $target='') {
 
 function displayPageHeader($color, $mailbox, $xtra='', $session=false) {
 
-    global $delimiter, $hide_sm_attributions, $base_uri, $PHP_SELF, $frame_top,
+    global $hide_sm_attributions, $PHP_SELF, $frame_top,
            $compose_new_win, $username, $datadir, $compose_width, $compose_height,
            $attachemessages, $session;
 
+    if ( (float)substr(PHP_VERSION,0,3) < 4.1 ) {
+            global $_SESSION;
+    }
+
+    $base_uri = $_SESSION['base_uri'];
+    $delimiter = $_SESSION['delimiter'];
     $module = substr( $PHP_SELF, ( strlen( $PHP_SELF ) - strlen( $base_uri ) ) * -1 );
     if ($qmark = strpos($module, '?')) {
         $module = substr($module, 0, $qmark);

functions/plugin.php

@@ -77,12 +77,10 @@ function do_hook_function($name,$parm=NULL) {
  */
 function soupNazi(){
 
-    global $HTTP_USER_AGENT;
-
     $soup_menu = array('Mozilla/3','Mozilla/2','Mozilla/1', 'Opera 4',
                        'Opera/4', 'OmniWeb', 'Lynx');
     foreach($soup_menu as $browser) {
-        if(stristr($HTTP_USER_AGENT, $browser)) {
+        if(stristr($_SERVER['HTTP_USER_AGENT'], $browser)) {
             return 1;
         }
     }

functions/prefs.php

@@ -11,13 +11,23 @@
  * $Id$
  */
 
-global $prefs_are_cached, $prefs_cache;
+require_once(SM_PATH . 'functions/global.php');
+
+if (isset($_SESSION['prefs_cache'])) {
+    $prefs_cache = $_SESSION['prefs_cache'];
+}
+if (isset($_SESSION['prefs_are_cached'])) {
+    $prefs_are_cached = $_SESSION['prefs_are_cached'];
+}
+
+$rg = ini_get('register_globals');
 
 if ( !session_is_registered('prefs_are_cached') ||
      !isset( $prefs_cache) ||
      !is_array( $prefs_cache) ||
      substr( phpversion(), 0, 3 ) == '4.1' ||
-     substr( phpversion(), 0, 3 ) == '4.2' ) {
+     substr( phpversion(), 0, 3 ) == '4.2' ||
+     (substr( phpversion(), 0, 3 ) == '4.0' && empty($rg))) {
     $prefs_are_cached = false;
     $prefs_cache = array();
 }

functions/smtp.php

@@ -279,14 +279,28 @@ function timezone () {
 
 /* Print all the needed RFC822 headers */
 function write822Header ($fp, $t, $c, $b, $subject, $body, $more_headers, $session, $rn="\r\n") {
-    global $REMOTE_ADDR, $SERVER_NAME, $REMOTE_PORT;
-    global $data_dir, $username, $popuser, $domain, $version, $useSendmail;
-    global $default_charset, $HTTP_VIA, $HTTP_X_FORWARDED_FOR;
-    global $REMOTE_HOST, $identity;
+    global $data_dir, $username, $popuser, $domain, $version, $useSendmail,
+        $default_charset, $identity, $_SERVER;
 
     /* Storing the header to make sure the header is the same
      * everytime the header is printed.
      */
+
+    /* get those globals */
+    $REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
+    $SERVER_NAME = $_SERVER['SERVER_NAME'];
+    $REMOTE_PORT = $_SERVER['REMOTE_PORT'];
+
+    if(isset($_SERVER['REMOTE_HOST'])) {
+        $REMOTE_HOST = $_SERVER['REMOTE_HOST'];
+    }
+    if(isset($_SERVER['HTTP_VIA'])) {
+        $HTTP_VIA = $_SERVER['HTTP_VIA'];
+    }
+    if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+        $HTTP_X_FORWARDED_FOR = $_SERVER['HTTP_X_FORWARDED_FOR'];
+    }
+
     static $header, $headerlength, $headerrn;
     
     if ($header == '') {

functions/strings.php

@@ -156,17 +156,17 @@ function getLineOfAddrs($array) {
 }
 
 function php_self () {
-    global $PHP_SELF, $HTTP_SERVER_VARS;
+    global $PHP_SELF, $_SERVER;
     
-    if (isset($HTTP_SERVER_VARS['REQUEST_URI']) && !empty($HTTP_SERVER_VARS['REQUEST_URI']) ) {
-        return $HTTP_SERVER_VARS['REQUEST_URI'];
+    if (isset($_SERVER['REQUEST_URI']) && !empty($_SERVER['REQUEST_URI']) ) {
+        return $_SERVER['REQUEST_URI'];
     }
 
     if (isset($PHP_SELF) && !empty($PHP_SELF)) {
         return $PHP_SELF;
-    } else if (isset($HTTP_SERVER_VARS['PHP_SELF']) &&
-               !empty($HTTP_SERVER_VARS['PHP_SELF'])) {
-        return $HTTP_SERVER_VARS['PHP_SELF'];
+    } else if (isset($_SERVER['PHP_SELF']) &&
+               !empty($_SERVER['PHP_SELF'])) {
+        return $_SERVER['PHP_SELF'];
     } else {
         return '';
     }
@@ -184,8 +184,7 @@ function php_self () {
  */
 function get_location () {
     
-    global $PHP_SELF, $SERVER_NAME, $HTTP_HOST, $SERVER_PORT,
-        $HTTP_SERVER_VARS, $imap_server_type;
+    global $_SERVER, $imap_server_type;
     
     /* Get the path, handle virtual directories */
     $path = substr(php_self(), 0, strrpos(php_self(), '/'));
@@ -200,30 +199,27 @@ function get_location () {
      */
     $getEnvVar = getenv('HTTPS');
     if ((isset($getEnvVar) && !strcasecmp($getEnvVar, 'on')) ||
-        (isset($HTTP_SERVER_VARS['HTTPS'])) ||
-        (isset($HTTP_SERVER_VARS['SERVER_PORT']) &&
-         $HTTP_SERVER_VARS['SERVER_PORT'] == 443)) {
+        (isset($_SERVER['HTTPS'])) ||
+        (isset($_SERVER['SERVER_PORT']) &&
+         $_SERVER['SERVER_PORT'] == 443)) {
         $proto = 'https://';
     }
     
     /* Get the hostname from the Host header or server config. */
     $host = '';
-    if (isset($HTTP_HOST) && !empty($HTTP_HOST)) {
-        $host = $HTTP_HOST;
-    } else if (isset($SERVER_NAME) && !empty($SERVER_NAME)) {
-        $host = $SERVER_NAME;
-    } else if (isset($HTTP_SERVER_VARS['SERVER_NAME']) &&
-               !empty($HTTP_SERVER_VARS['SERVER_NAME'])) {
-        $host = $HTTP_SERVER_VARS['SERVER_NAME'];
+    if (isset($_SERVER['HTTP_HOST']) && !empty($_SERVER['HTTP_HOST'])) {
+        $host = $_SERVER['HTTP_HOST'];
+    } else if (isset($_SERVER['SERVER_NAME']) &&
+        !empty($_SERVER['SERVER_NAME'])) {
     }
 
     
     $port = '';
     if (! strstr($host, ':')) {
-        if (isset($SERVER_PORT)) {
-            if (($SERVER_PORT != 80 && $proto == 'http://')
-                || ($SERVER_PORT != 443 && $proto == 'https://')) {
-                $port = sprintf(':%d', $SERVER_PORT);
+        if (isset($_SERVER['SERVER_PORT'])) {
+            if (($_SERVER['SERVER_PORT'] != 80 && $proto == 'http://')
+                || ($_SERVER['SERVER_PORT'] != 443 && $proto == 'https://')) {
+                $port = sprintf(':%d', $_SERVER['SERVER_PORT']);
             }
         }
     }
@@ -317,7 +313,7 @@ function sq_mt_seed($Val) {
  * the same 'random' numbers twice in one session.
  */
 function sq_mt_randomize() {
-    global $REMOTE_PORT, $REMOTE_ADDR, $UNIQUE_ID;
+    global $_SERVER;
     static $randomized;
     
     if ($randomized) {
@@ -326,7 +322,7 @@ function sq_mt_randomize() {
     
     /* Global. */
     sq_mt_seed((int)((double) microtime() * 1000000));
-    sq_mt_seed(md5($REMOTE_PORT . $REMOTE_ADDR . getmypid()));
+    sq_mt_seed(md5($_SERVER['REMOTE_PORT'] . $_SERVER['REMOTE_ADDR'] . getmypid()));
     
     /* getrusage */
     if (function_exists('getrusage')) {
@@ -342,8 +338,9 @@ function sq_mt_randomize() {
         }
     }
     
-    /* Apache-specific */
-    sq_mt_seed(md5($UNIQUE_ID));
+    if(isset($_SERVER['UNIQUE_ID'])) {
+        sq_mt_seed(md5($_SERVER['UNIQUE_ID']));
+    }
     
     $randomized = 1;
 }

src/addrbook_search.php

@@ -23,6 +23,23 @@ require_once(SM_PATH . 'include/validate.php');
 require_once(SM_PATH . 'functions/strings.php');
 require_once(SM_PATH . 'functions/html.php');
 
+/* lets get the global vars we may need */
+$key  = $_COOKIE['key'];
+$username = $_SESSION['username'];
+$onetimepad = $_SESSION['onetimepad'];
+$base_uri = $_SESSION['base_uri'];
+
+sqextractGlobalVar('show');
+if ( isset($_POST['query']) ) {
+    $query = $_POST['query'];
+}
+if ( isset($_POST['listall']) ) {
+    $listall = $_POST['listall'];
+}
+if ( isset($_POST['backend'] ) ) {
+    $backend = $_POST['backend'];
+}
+
 /* Function to include JavaScript code */
 function insert_javascript() {
     ?>

src/addrbook_search_html.php

@@ -30,6 +30,18 @@ require_once(SM_PATH . 'functions/plugin.php');
 require_once(SM_PATH . 'functions/strings.php');
 require_once(SM_PATH . 'functions/html.php');
 
+$session = $_POST['session'];
+$mailbox = $_POST['mailbox'];
+if ( isset($_POST['addrquery']) ) {
+    $addrquery = $_POST['addrquery'];
+}
+if ( isset($_POST['listall']) ) {
+    $listall = $_POST['listall'];
+}
+if ( isset($_POST['backend'] ) ) {
+    $backend = $_POST['backend'];
+}
+
 /* Insert hidden data */
 function addr_insert_hidden() {
     global $body, $subject, $send_to, $send_to_cc, $send_to_bcc, $mailbox,
@@ -138,7 +150,6 @@ if ($javascript_on) {
 
 /* --- End functions --- */
 
-global $mailbox;
 if ($compose_new_win == '1') {
     compose_Header($color, $mailbox);
 }

src/addressbook.php

@@ -22,6 +22,36 @@ require_once(SM_PATH . 'functions/addressbook.php');
 require_once(SM_PATH . 'functions/strings.php');
 require_once(SM_PATH . 'functions/html.php');
 
+/* lets get the global vars we may need */
+$key  = $_COOKIE['key'];
+
+$username = $_SESSION['username'];
+$onetimepad = $_SESSION['onetimepad'];
+$base_uri = $_SESSION['base_uri'];
+$delimiter = $_SESSION['delimiter'];
+
+/* From the address form */
+if ( isset($_POST['addaddr']) ) {
+    $addaddr = &$_POST['addaddr'];
+}
+if ( isset($_POST['editaddr']) ) {
+    $editaddr = &$_POST['editaddr'];
+}
+if ( isset($_POST['deladdr']) ) {
+    $deladdr = &$_POST['deladdr'];
+}
+$sel = &$_POST['sel'];
+
+if (isset($_POST['oldnick'])) {
+    $oldnick = $_POST['oldnick'];
+}
+if (isset($_POST['backend'])) {
+    $backend = $_POST['backend'];
+}
+if (isset($_POST['doedit'])) {
+    $doedit = $_POST['doedit'];
+}
+
 /* Make an input field */
 function adressbook_inp_field($label, $field, $name, $size, $values, $add) {
     global $color;
@@ -78,7 +108,7 @@ $form_url = 'addressbook.php';
 
 
 /* Handle user's actions */
-if($REQUEST_METHOD == 'POST') {
+if($_SERVER['REQUEST_METHOD'] == 'POST') {
 
     /**************************************************
      * Add new address                                *
@@ -383,4 +413,4 @@ echo '</FORM>';
 do_hook('addressbook_bottom');
 ?>
 
-</BODY></HTML>
+</BODY></HTML>

src/compose.php

@@ -30,7 +30,78 @@ require_once(SM_PATH . 'functions/plugin.php');
 require_once(SM_PATH . 'functions/display_messages.php');
 require_once(SM_PATH . 'class/deliver/Deliver.class.php');
 
+/* --------------------- Get globals ------------------------------------- */
+$username = $_SESSION['username'];
+$onetimepad = $_SESSION['onetimepad'];
+$base_uri = $_SESSION['base_uri'];
+$delimiter = $_SESSION['delimiter'];
+
+if (isset($_POST['return'])) {
+    $html_addr_search_done = 'Use Addresses';
+}
+if ( isset($_SESSION['composesession']) ) {
+    $composesession = $_SESSION['composesession'];
+}
+sqextractGlobalVar('session');
+sqextractGlobalVar('mailbox');
+sqextractGlobalVar('identity');
+sqextractGlobalVar('send_to');
+sqextractGlobalVar('send_to_cc');
+sqextractGlobalVar('send_to_bcc');
+sqextractGlobalVar('subject');
+sqextractGlobalVar('body');
+sqextractGlobalVar('mailprio');
+sqextractGlobalVar('request_mdn');
+sqextractGlobalVar('request_dr');
+sqextractGlobalVar('html_addr_search');
+sqextractGlobalVar('mail_sent');
+sqextractGlobalVar('passed_id');
+
+if ( isset($_POST['sigappend']) ) {
+    $sigappend = $_POST['sigappend'];
+}
+/* From addressbook search */
+if ( isset($_POST['from_htmladdr_search']) ) {
+    $from_htmladdr_search = $_POST['from_htmladdr_search'];
+}
+if ( isset($_POST['addr_search_done']) ) {
+    $html_addr_search_done = $_POST['addr_search_done'];
+}
+if ( isset($_POST['send_to_search']) ) {
+    $send_to_search = &$_POST['send_to_search'];
+}
+
+/* Attachments */
+sqextractGlobalVar('attach');
+if ( isset($_POST['do_delete']) ) {
+    $do_delete = $_POST['do_delete'];
+}
+if ( isset($_POST['delete']) ) {
+    $delete = &$_POST['delete'];
+}
+if ( isset($_POST['attachments']) ) {
+    $attachments = &$_POST['attachments'];
+}
+elseif ( isset($_SESSION['attachments'])) {
+    $attachments = &$_SESSION['attachments'];
+}
+
+/* Forward message as attachment */
+if ( isset($_GET['attachedmessages']) ) {
+    $attachedmessages = $_GET['attachedmessages'];
+}
+
+/* Drafts */
+sqextractGlobalVar('draft');
+sqextractGlobalVar('draft_id');
+sqextractGlobalVar('ent_num');
+sqextractGlobalVar('saved_draft');
+sqextractGlobalVar('delete_draft');
+
+$key = $_COOKIE['key'];
+
 /* --------------------- Specific Functions ------------------------------ */
+
 function replyAllString($header) {
    global $include_self_reply_all, $username, $data_dir;
    $excl_arr = array();
@@ -125,8 +196,8 @@ if (session_is_registered('session_expired_post')) {
      * another user during this session.
      */
     if ($session_expired_post['username'] != $username) {
-        session_unregister('session_expired_post');
-        session_unregister('session_expired');      
+        sqsession_unregister('session_expired_post');
+        sqsession_unregister('session_expired');      
     } else {
         foreach ($session_expired_post as $postvar => $val) {
             if (isset($val)) {
@@ -140,8 +211,8 @@ if (session_is_registered('session_expired_post')) {
         }
         $session_expired = true;
     }
-    session_unregister('session_expired_post');
-    session_unregister('session_expired');
+    sqsession_unregister('session_expired_post');
+    sqsession_unregister('session_expired');
     if (!isset($mailbox)) {
         $mailbox = '';
     }
@@ -160,6 +231,7 @@ if (!isset($composesession)) {
 }
 
 if (!isset($session) || (isset($newmessage) && $newmessage)) {
+    sqsession_unregister('composesession');
     $session = "$composesession" +1; 
     $composesession = $session;
     sqsession_register($composesession,'composesession');
@@ -219,9 +291,9 @@ if (isset($draft)) {
 }
 
 if (isset($send)) {
-    if (isset($HTTP_POST_FILES['attachfile']) &&
-        $HTTP_POST_FILES['attachfile']['tmp_name'] &&
-        $HTTP_POST_FILES['attachfile']['tmp_name'] != 'none') {
+    if (isset($_FILES['attachfile']) &&
+        $_FILES['attachfile']['tmp_name'] &&
+        $_FILES['attachfile']['tmp_name'] != 'none') {
         $AttachFailure = saveAttachedFiles($session);
     }
     if (checkInput(false) && !isset($AttachFailure)) {
@@ -330,10 +402,10 @@ if (isset($send)) {
     }
     showInputForm($session);
 } elseif (isset($html_addr_search)) {
-    if (isset($HTTP_POST_FILES['attachfile']) &&
-        $HTTP_POST_FILES['attachfile']['tmp_name'] &&
-        $HTTP_POST_FILES['attachfile']['tmp_name'] != 'none') {
-        if (saveAttachedFiles($session)) {
+    if (isset($_FILES['attachfile']) &&
+        $_FILES['attachfile']['tmp_name'] &&
+        $_FILES['attachfile']['tmp_name'] != 'none') {
+        if(saveAttachedFiles($session)) {
             plain_error_message(_("Could not move/copy file. File not attached"), $color);
         }
     }
@@ -1032,7 +1104,7 @@ function checkInput ($show) {
 
 /* True if FAILURE */
 function saveAttachedFiles($session) {
-    global $HTTP_POST_FILES, $attachment_dir, $attachments, $username,
+    global $_FILES, $attachment_dir, $attachments, $username,
            $data_dir, $compose_messages;
 
     $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
@@ -1043,20 +1115,20 @@ function saveAttachedFiles($session) {
         $full_localfilename = "$hashed_attachment_dir/$localfilename";
     }
 
-    if (!@rename($HTTP_POST_FILES['attachfile']['tmp_name'], $full_localfilename)) {
+    if (!@rename($_FILES['attachfile']['tmp_name'], $full_localfilename)) {
 	if (function_exists("move_uploaded_file")) {
-            if (!@move_uploaded_file($HTTP_POST_FILES['attachfile']['tmp_name'], $full_localfilename)) {
+            if (!@move_uploaded_file($_FILES['attachfile']['tmp_name'],$full_localfilename)) {
         	return true;
     	    }
 	} else {
-    	    if (!@copy($HTTP_POST_FILES['attachfile']['tmp_name'], $full_localfilename)) {
+    	    if (!@copy($_FILES['attachfile']['tmp_name'], $full_localfilename)) {
                 return true;
             }
 	}
     }
     $message = $compose_messages[$session];
-    $type = strtolower($HTTP_POST_FILES['attachfile']['type']);
-    $name = $HTTP_POST_FILES['attachfile']['name'];
+    $type = strtolower($_FILES['attachfile']['type']);
+    $name = $_FILES['attachfile']['name'];
     $message->initAttachment($type, $name, $full_localfilename);
     $compose_messages[$session] = $message;
 }

src/delete_message.php

@@ -19,6 +19,29 @@ require_once(SM_PATH . 'include/validate.php');
 require_once(SM_PATH . 'functions/display_messages.php');
 require_once(SM_PATH . 'functions/imap.php');
 
+$key = $_COOKIE['key'];
+$username = $_SESSION['username'];
+$onetimepad = $_SESSION['onetimepad'];
+
+$message = $_GET['message'];
+$mailbox = $_GET['mailbox'];
+
+if (isset($_GET['saved_draft'])) {
+    $saved_draft = $_GET['saved_draft'];
+}
+if (isset($_GET['mail_sent'])) {
+    $mail_sent = $_GET['mail_sent'];
+}
+$sort = $_GET['sort'];
+$startMessage = $_GET['startMessage'];
+
+if(isset($_GET['where'])) {
+    $where = $_GET['where'];
+}
+if(isset($_GET['what'])) {
+    $what = $_GET['what'];
+}
+
 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
 
 sqimap_mailbox_select($imapConnection, $mailbox);

src/download.php

@@ -23,6 +23,46 @@ require_once(SM_PATH . 'functions/mime.php');
 header('Pragma: ');
 header('Cache-Control: cache');
 
+/* globals */
+
+$key = $_COOKIE['key'];
+$username = $_SESSION['username'];
+$onetimepad = $_SESSION['onetimepad'];
+$mailbox = $_GET['mailbox'];
+$passed_id = $_GET['passed_id'];
+$passed_ent_id = $_GET['passed_ent_id'];
+$base_uri = $base_uri = $_SESSION['base_uri'];
+
+if (isset($_GET['startMessage'])) {
+    $startMessage = $_GET['startMessage'];
+}
+if(isset($_GET['where'])) {
+    $where = $_GET['where'];
+}
+if(isset($_GET['what'])) {
+    $what = $_GET['what'];
+}
+if(isset($_GET['showHeaders'])) {
+    $showHeaders = $_GET['showHeaders'];
+}
+if(isset($_GET['absolute_dl'])) {
+    $absolute_dl = $_GET['absolute_dl'];
+}
+if (isset($_GET['show_more_cc'])) {
+    $show_more = $_GET['show_more_cc'];
+}
+if(isset($_GET['show_more_bcc'])) {
+    $show_more = $_GET['show_more_bcc'];
+}
+if(isset($_GET['show_more'])) {
+    $show_more = $_GET['show_more'];
+}
+if(isset($_GET['sort'])) {
+    $sort = $_GET['sort'];
+}    
+ 
+/* end globals */
+
 function get_extract_to_target_list($imapConnection) {
     $boxes = sqimap_mailbox_list($imapConnection);
     for ($i = 0; $i < count($boxes); $i++) {  
@@ -158,9 +198,11 @@ mime_print_body_lines ($imapConnection, $passed_id, $ent_id, $encoding);
  * version of IE.  I don't know if it works with Opera, but it should now.
  */
 function DumpHeaders($type0, $type1, $filename, $force) {
-    global $HTTP_USER_AGENT, $languages, $squirrelmail_language;
+    global $_SERVER, $languages, $squirrelmail_language;
     $isIE = 0;
 
+    $HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
+
     if (strstr($HTTP_USER_AGENT, 'compatible; MSIE ') !== false &&
         strstr($HTTP_USER_AGENT, 'Opera') === false) {
         $isIE = 1;

src/draft_actions.php

@@ -17,10 +17,23 @@ require_once(SM_PATH . 'include/validate.php');
 
 /* Print all the needed RFC822 headers */
 function write822HeaderForDraft ($fp, $t, $c, $b, $subject, $more_headers, $session) {
-    global $REMOTE_ADDR, $SERVER_NAME, $REMOTE_PORT;
-    global $data_dir, $username, $popuser, $domain, $version, $useSendmail;
-    global $default_charset, $HTTP_VIA, $HTTP_X_FORWARDED_FOR;
-    global $REMOTE_HOST, $identity;
+    global $data_dir, $username, $popuser, $domain, $version, $useSendmail,
+           $default_charset, $identity, $_SERVER;
+
+    /* get those globals */
+    $REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
+    $SERVER_NAME = $_SERVER['SERVER_NAME'];
+    $REMOTE_PORT = $_SERVER['REMOTE_PORT'];
+
+    if(isset($_SERVER['REMOTE_HOST'])) {
+        $REMOTE_HOST = $_SERVER['REMOTE_HOST'];
+    }
+    if(isset($_SERVER['HTTP_VIA'])) {
+        $HTTP_VIA = $_SERVER['HTTP_VIA'];
+    }
+    if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+        $HTTP_X_FORWARDED_FOR = $_SERVER['HTTP_X_FORWARDED_FOR'];
+    }
 
     /* Storing the header to make sure the header is the same */
     /* everytime the header is printed. */
@@ -147,11 +160,14 @@ function writeBodyForDraft ($fp, $passedBody, $session) {
 
 function saveMessageAsDraft($t, $c, $b, $subject, $body, $reply_id, $prio = 3, $session) {
     global $useSendmail, $msg_id, $is_reply, $mailbox, $onetimepad,
-           $data_dir, $username, $domain, $key, $version, $sent_folder,
+           $data_dir, $domain, $version, $sent_folder,
            $imapServerAddress, $imapPort, $draft_folder, $attachment_dir,
-           $default_use_priority;
+           $default_use_priority, $_SESSION, $_COOKIE;
     $more_headers = Array();
 
+    $username = $_SESSION['username'];
+    $key = $_COOKIE['key'];
+
     if ($default_use_priority) {
         $more_headers = array_merge($more_headers, createPriorityHeaders($prio));
     }

src/image.php

@@ -23,6 +23,13 @@ require_once(SM_PATH . 'include/load_prefs.php');
 
 displayPageHeader($color, 'None');
 
+/* globals */
+
+$mailbox = $_GET['mailbox'];
+$passed_id = $_GET['passed_id'];
+
+/* end globals */
+
 echo '<BR>' . 
     '<TABLE WIDTH="100%" BORDER=0 CELLSPACING=0 CELLPADDING=2 ALIGN=CENTER>' .
     "\n" .

src/printer_friendly_bottom.php

@@ -26,6 +26,16 @@ require_once(SM_PATH . 'functions/imap.php');
 require_once(SM_PATH . 'functions/page_header.php');
 require_once(SM_PATH . 'functions/html.php');
 
+/* get some of these globals */
+$key = $_COOKIE['key'];
+$username = $_SESSION['username'];
+$onetimepad = $_SESSION['onetimepad'];
+
+$passed_ent_id = $_GET['passed_ent_id'];
+$passed_id = $_GET['passed_id'];
+$mailbox = $_GET['mailbox'];
+/* end globals */
+
 $pf_cleandisplay = getPref($data_dir, $username, 'pf_cleandisplay');
 $mailbox = urldecode($mailbox);
 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);

src/printer_friendly_main.php

@@ -18,6 +18,12 @@ require_once(SM_PATH . 'functions/page_header.php');
 
 displayHtmlHeader( _("Printer Friendly"), '', FALSE );
 
+/* get those globals into gear */
+$passed_ent_id = $_GET['passed_ent_id'];
+$passed_id = $_GET['passed_id'];
+$mailbox = $_GET['mailbox'];
+/* end globals */
+
 echo "<frameset rows=\"60, *\" noresize border=\"0\">\n".
      "<frame src=\"printer_friendly_top.php\" name=\"top_frame\" scrolling=\"no\">".
      '<frame src="printer_friendly_bottom.php?passed_ent_id='.

src/read_body.php

@@ -157,11 +157,13 @@ function ServerMDNSupport($read) {
 }
 
 function SendMDN ( $mailbox, $passed_id, $sender, $message, $imapConnection) {
-    global $username, $attachment_dir, $SERVER_NAME,
+    global $username, $attachment_dir, $_SERVER,
            $version, $attachments, $squirrelmail_language, $default_charset,
            $languages, $useSendmail, $domain, $sent_folder,
            $popuser, $data_dir, $username;
 
+    $SERVER_NAME = $_SERVER['SERVER_NAME'];
+
     $header = $message->rfc822_header;
     $hashed_attachment_dir = getHashedDir($username, $attachment_dir);
 
@@ -614,11 +616,76 @@ function formatToolbar($mailbox, $passed_id, $passed_ent_id, $message, $color) {
 /*   Main of read_body.php */
 /***************************/
 
-/*
-    Urled vars
-    ----------
-    $passed_id
-*/
+/* get the globals we may need */
+
+$username = $_SESSION['username'];
+$key = $_COOKIE['key'];
+$onetimepad = $_SESSION['onetimepad'];
+$msgs = $_SESSION['msgs'];
+$base_uri = $_SESSION['base_uri'];
+$delimiter = $_SESSION['delimiter'];
+
+if (isset($_GET['passed_id'])) {
+    $passed_id = $_GET['passed_id'];
+}
+elseif (isset($_POST['passed_id'])) {
+    $passed_id = $_POST['passed_id'];
+}
+
+if (isset($_GET['sendreceipt'])) {
+    $sendreceipt = $_GET['sendreceipt'];
+}
+
+if (isset($_GET['sort'])) {
+    $sort = $_GET['sort'];
+}
+elseif (isset($_POST['sort'])) {
+    $sort = $_POST['sort'];
+}
+if (isset($_GET['startMessage'])) {
+    $startMessage = $_GET['startMessage'];
+}
+elseif (isset($_POST['startMessage'])) {
+    $startMessage = $_POST['startMessage'];
+}
+if (isset($_GET['show_more'])) {
+    $show_more = $_GET['show_more'];
+}
+elseif (isset($_POST['show_more'])) {
+    $show_more = $_POST['show_more'];
+}
+if (isset($_GET['mailbox'])) {
+    $mailbox = $_GET['mailbox'];
+}
+elseif (isset($_POST['mailbox'])) {
+    $mailbox = $_POST['mailbox'];
+}
+if (isset($_GET['where'])) {
+    $where = $_GET['where'];
+}
+if (isset($_GET['what'])) {
+    $what = $_GET['what'];
+}
+if (isset($_GET['view_hdr'])) {
+    $view_hdr = $_GET['view_hdr'];
+}
+if (isset($_SESSION['server_sort_array'])) {
+    $server_sort_array = $_SESSION['server_sort_array'];
+}
+if (isset($_SESSION['msgs'])) {
+    $msgs = $_SESSION['msgs'];
+}
+if (isset($_SESSION['msort'])) {
+    $msort = $_SESSION['msort'];
+}
+if (isset($_POST['move_id'])) {
+    $move_id = $_POST['move_id'];
+}
+if (isset($_SESSION['lastTargetMailbox'])) {
+    $lastTargetMailbox = $_SESSION['lastTargetMailbox'];
+}
+
+/* end of get globals */
 
 global $uid_support, $sqimap_capabilities;
 

src/retrievalerror.php

@@ -27,6 +27,29 @@ require_once(SM_PATH . 'include/load_prefs.php');
 $destination = 'retrievalerror@squirrelmail.org';
 $attachments = array();
 
+/* globals */
+
+$key = $_COOKIE['key'];
+$username = $_SESSION['username'];
+$onetimepad = $_SESSION['onetimepad'];
+
+$mailbox = $_GET['mailbox'];
+$passed_id = $_GET['passed_id'];
+$startMessage = $_GET['startMessage'];
+$show_more = $_GET['show_more'];
+$response = $_GET['response'];
+$message = $_GET['message'];
+$topline = $_GET['topline'];
+
+if(isset($_GET['where'])) {
+    $where = $_GET['where'];
+}
+if(isset($_GET['what'])) {
+    $what = $_GET['what'];
+}
+
+/* end globals */
+
 function ClearAttachments() {
     global $attachments, $attachment_dir, $username;
 

src/search.php

@@ -22,6 +22,33 @@ require_once(SM_PATH . 'functions/strings.php');
 
 global $allow_thread_sort;
 
+/* get globals we may need */
+
+$key = $_COOKIE['key'];
+$username = $_SESSION['username'];
+$onetimepad = $_SESSION['onetimepad'];
+$delimiter = $_SESSION['delimiter'];
+
+if (isset($_GET['mailbox'])) {
+    $mailbox = strip_tags($_GET['mailbox']);
+}
+if (isset($_GET['submit'])) {
+    $submit = strip_tags($_GET['submit']);
+}
+if (isset($_GET['what'])) {
+    $what = $_GET['what'];
+}
+if (isset($_GET['where'])) {
+    $where = strip_tags($_GET['where']);
+}
+if (isset($_GET['checkall'])) {
+    $checkall = strip_tags($_GET['checkall']);
+}
+if (isset($_GET['count'])) {
+    $count = strip_tags($_GET['count']);
+}
+/* end of get globals */
+
 /*  here are some functions, could go in imap_search.php
     this was here, pretty handy  */
 function s_opt( $val, $sel, $tit ) {

src/vcard.php

@@ -21,6 +21,17 @@ require_once(SM_PATH . 'functions/page_header.php');
 require_once(SM_PATH . 'functions/mime.php');
 require_once(SM_PATH . 'include/load_prefs.php');
 
+/* globals */
+$key  = $_COOKIE['key'];
+$username = $_SESSION['username'];
+$onetimepad = $_SESISON['onetimepad'];
+
+$mailbox = $_GET['mailbox'];
+$passed_id = $_GET['passed_id'];
+$passed_ent_id = $_GET['passed_ent_id'];
+
+/* end globals */
+
 $imapConnection = sqimap_login($username, $key, $imapServerAddress, $imapPort, 0);
 sqimap_mailbox_select($imapConnection, $mailbox);
 

themes/random.php

@@ -14,6 +14,8 @@
  */
 
 sq_mt_randomize();
+
+require_once(SM_PATH . 'functions/global.php');
    
 global $theme, $random_theme_good_themes;
    
@@ -28,7 +30,7 @@ if (!session_is_registered('random_theme_good_theme')) {
     $good_themes[] = '../themes/default.php';
     $which = mt_rand(0, count($good_themes));
     $random_theme_good_theme = $good_themes[$which];
-    session_register('random_theme_good_theme');
+    sqsession_register($random_theme_good_theme, 'random_theme_good_theme');
 }
    
 @include_once ($random_theme_good_theme);