We use cookies to ensure you get the best experience on our website
Home Esplora Aiuto
Registrati Accedi
0ct0pu5
/
squirrelmail
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): 2bcb33e722
Rami (Branch) Tag
squirrelmail
/
functions
/
global.php

global.php 13 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * global.php
    5. 

  5.  *
    6. 

  6.  * This includes code to update < 4.1.0 globals to the newer format
    7. 

  7.  * It also has some session register functions that work across various
    8. 

  8.  * php versions.
    9. 

  9.  *
    10. 

  10.  * @copyright &copy; 1999-2006 The SquirrelMail Project Team
    11. 

  11.  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
    12. 

  12.  * @version $Id$
    13. 

  13.  * @package squirrelmail
    14. 

  14.  */
    15. 

  15. 

  16. /**
    17. 

  17.  */
    18. 

  18. define('SQ_INORDER',0);
    19. 

  19. define('SQ_GET',1);
    20. 

  20. define('SQ_POST',2);
    21. 

  21. define('SQ_SESSION',3);
    22. 

  22. define('SQ_COOKIE',4);
    23. 

  23. define('SQ_SERVER',5);
    24. 

  24. define('SQ_FORM',6);
    25. 

  25. 

  26. 

  27. /**
    28. 

  28.  * returns true if current php version is at mimimum a.b.c
    29. 

  29.  *
    30. 

  30.  * Called: check_php_version(4,1)
    31. 

  31.  * @param int a major version number
    32. 

  32.  * @param int b minor version number
    33. 

  33.  * @param int c release number
    34. 

  34.  * @return bool
    35. 

  35.  */
    36. 

  36. function check_php_version ($a = '0', $b = '0', $c = '0')
    37. 

  37. {
    38. 

  38.     return version_compare ( PHP_VERSION, "$a.$b.$c", 'ge' );
    39. 

  39. }
    40. 

  40. 

  41. /**
    42. 

  42.  * returns true if the current internal SM version is at minimum a.b.c
    43. 

  43.  * These are plain integer comparisons, as our internal version is
    44. 

  44.  * constructed by us, as an array of 3 ints.
    45. 

  45.  *
    46. 

  46.  * Called: check_sm_version(1,3,3)
    47. 

  47.  * @param int a major version number
    48. 

  48.  * @param int b minor version number
    49. 

  49.  * @param int c release number
    50. 

  50.  * @return bool
    51. 

  51.  */
    52. 

  52. function check_sm_version($a = 0, $b = 0, $c = 0)
    53. 

  53. {
    54. 

  54.     global $SQM_INTERNAL_VERSION;
    55. 

  55.     if ( !isset($SQM_INTERNAL_VERSION) ||
    56. 

  56.          $SQM_INTERNAL_VERSION[0] < $a ||
    57. 

  57.          ( $SQM_INTERNAL_VERSION[0] == $a &&
    58. 

  58.            $SQM_INTERNAL_VERSION[1] < $b) ||
    59. 

  59.          ( $SQM_INTERNAL_VERSION[0] == $a &&
    60. 

  60.            $SQM_INTERNAL_VERSION[1] == $b &&
    61. 

  61.            $SQM_INTERNAL_VERSION[2] < $c ) ) {
    62. 

  62.         return FALSE;
    63. 

  63.     }
    64. 

  64.     return TRUE;
    65. 

  65. }
    66. 

  66. 

  67. 

  68. /**
    69. 

  69.  * Recursively strip slashes from the values of an array.
    70. 

  70.  * @param array array the array to strip, passed by reference
    71. 

  71.  * @return void
    72. 

  72.  */
    73. 

  73. function sqstripslashes(&$array) {
    74. 

  74.     if(count($array) > 0) {
    75. 

  75.         foreach ($array as $index=>$value) {
    76. 

  76.             if (is_array($array[$index])) {
    77. 

  77.                 sqstripslashes($array[$index]);
    78. 

  78.             }
    79. 

  79.             else {
    80. 

  80.                 $array[$index] = stripslashes($value);
    81. 

  81.             }
    82. 

  82.         }
    83. 

  83.     }
    84. 

  84. }
    85. 

  85. 

  86. /**
    87. 

  87.  * Add a variable to the session.
    88. 

  88.  * @param mixed $var the variable to register
    89. 

  89.  * @param string $name the name to refer to this variable
    90. 

  90.  * @return void
    91. 

  91.  */
    92. 

  92. function sqsession_register ($var, $name) {
    93. 

  93. 

  94.     sqsession_is_active();
    95. 

  95. 

  96.     $_SESSION["$name"] = $var;
    97. 

  97. 

  98.     session_register("$name");
    99. 

  99. }
    100. 

  100. 

  101. /**
    102. 

  102.  * Delete a variable from the session.
    103. 

  103.  * @param string $name the name of the var to delete
    104. 

  104.  * @return void
    105. 

  105.  */
    106. 

  106. function sqsession_unregister ($name) {
    107. 

  107. 

  108.     sqsession_is_active();
    109. 

  109. 

  110.     unset($_SESSION[$name]);
    111. 

  111. 

  112.     session_unregister("$name");
    113. 

  113. }
    114. 

  114. 

  115. /**
    116. 

  116.  * Checks to see if a variable has already been registered
    117. 

  117.  * in the session.
    118. 

  118.  * @param string $name the name of the var to check
    119. 

  119.  * @return bool whether the var has been registered
    120. 

  120.  */
    121. 

  121. function sqsession_is_registered ($name) {
    122. 

  122.     $test_name = &$name;
    123. 

  123.     $result = false;
    124. 

  124. 

  125.     if (isset($_SESSION[$test_name])) {
    126. 

  126.         $result = true;
    127. 

  127.     }
    128. 

  128. 

  129.     return $result;
    130. 

  130. }
    131. 

  131. 

  132. /**
    133. 

  133.  * Search for the var $name in $_SESSION, $_POST, $_GET, $_COOKIE, or $_SERVER
    134. 

  134.  * and set it in provided var.
    135. 

  135.  *
    136. 

  136.  * If $search is not provided, or if it is SQ_INORDER, it will search $_SESSION,
    137. 

  137.  * then $_POST, then $_GET. If $search is SQ_FORM it will search $_POST and
    138. 

  138.  * $_GET.  Otherwise, use one of the defined constants to look for a var in one
    139. 

  139.  * place specifically.
    140. 

  140.  *
    141. 

  141.  * Note: $search is an int value equal to one of the constants defined above.
    142. 

  142.  *
    143. 

  143.  * Example:
    144. 

  144.  * sqgetGlobalVar('username',$username,SQ_SESSION);
    145. 

  145.  * // No quotes around last param, it's a constant - not a string!
    146. 

  146.  *
    147. 

  147.  * @param string name the name of the var to search
    148. 

  148.  * @param mixed value the variable to return
    149. 

  149.  * @param int search constant defining where to look
    150. 

  150.  * @param int typecast force variable to be cast to given type (please
    151. 

  151.  *                     use SQ_TYPE_XXX constants or set to FALSE (default)
    152. 

  152.  *                     to leave variable type unmolested)
    153. 

  153.  * @return bool whether variable is found.
    154. 

  154.  */
    155. 

  155. function sqgetGlobalVar($name, &$value, $search = SQ_INORDER, $default = NULL, $typecast = false) {
    156. 

  156. 

  157.     $result = false;
    158. 

  158. 

  159.     switch ($search) {
    160. 

  160.         /* we want the default case to be first here,
    161. 

  161.            so that if a valid value isn't specified,
    162. 

  162.            all three arrays will be searched. */
    163. 

  163.       default:
    164. 

  164.       case SQ_INORDER: // check session, post, get
    165. 

  165.       case SQ_SESSION:
    166. 

  166.         if( isset($_SESSION[$name]) ) {
    167. 

  167.             $value = $_SESSION[$name];
    168. 

  168.             $result = TRUE;
    169. 

  169.             break;
    170. 

  170.         } elseif ( $search == SQ_SESSION ) {
    171. 

  171.             break;
    172. 

  172.         }
    173. 

  173.       case SQ_FORM:   // check post, get
    174. 

  174.       case SQ_POST:
    175. 

  175.         if( isset($_POST[$name]) ) {
    176. 

  176.             $value = $_POST[$name];
    177. 

  177.             $result = TRUE;
    178. 

  178.             break;
    179. 

  179.         } elseif ( $search == SQ_POST ) {
    180. 

  180.           break;
    181. 

  181.         }
    182. 

  182.       case SQ_GET:
    183. 

  183.         if ( isset($_GET[$name]) ) {
    184. 

  184.             $value = $_GET[$name];
    185. 

  185.             $result = TRUE;
    186. 

  186.             break;
    187. 

  187.         }
    188. 

  188.         /* NO IF HERE. FOR SQ_INORDER CASE, EXIT after GET */
    189. 

  189.         break;
    190. 

  190.       case SQ_COOKIE:
    191. 

  191.         if ( isset($_COOKIE[$name]) ) {
    192. 

  192.             $value = $_COOKIE[$name];
    193. 

  193.             $result = TRUE;
    194. 

  194.             break;
    195. 

  195.         }
    196. 

  196.         break;
    197. 

  197.       case SQ_SERVER:
    198. 

  198.         if ( isset($_SERVER[$name]) ) {
    199. 

  199.             $value = $_SERVER[$name];
    200. 

  200.             $result = TRUE;
    201. 

  201.             break;
    202. 

  202.         }
    203. 

  203.         break;
    204. 

  204.     }
    205. 

  205.     if ($result && $typecast) {
    206. 

  206.         switch ($typecast) {
    207. 

  207.             case SQ_TYPE_INT: $value = (int) $value; break;
    208. 

  208.             case SQ_TYPE_STRING: $value = (string) $value; break;
    209. 

  209.             case SQ_TYPE_BOOL: $value = (bool) $value; break;
    210. 

  210.             default: break;
    211. 

  211.         }
    212. 

  212.     } else if (!$result && !is_null($default)) {
    213. 

  213.         $value = $default;
    214. 

  214.     }
    215. 

  215.     return $result;
    216. 

  216. }
    217. 

  217. 

  218. /**
    219. 

  219.  * Deletes an existing session, more advanced than the standard PHP
    220. 

  220.  * session_destroy(), it explicitly deletes the cookies and global vars.
    221. 

  221.  *
    222. 

  222.  * WARNING: Older PHP versions have some issues with session management.
    223. 

  223.  * See http://bugs.php.net/11643 (warning, spammed bug tracker) and 
    224. 

  224.  * http://bugs.php.net/13834. SID constant is not destroyed in PHP 4.1.2,
    225. 

  225.  * 4.2.3 and maybe other versions. If you restart session after session 
    226. 

  226.  * is destroyed, affected PHP versions produce PHP notice. Bug should 
    227. 

  227.  * be fixed only in 4.3.0
    228. 

  228.  */
    229. 

  229. function sqsession_destroy() {
    230. 

  230. 

  231.     /*
    232. 

  232.      * php.net says we can kill the cookie by setting just the name:
    233. 

  233.      * http://www.php.net/manual/en/function.setcookie.php
    234. 

  234.      * maybe this will help fix the session merging again.
    235. 

  235.      *
    236. 

  236.      * Changed the theory on this to kill the cookies first starting
    237. 

  237.      * a new session will provide a new session for all instances of
    238. 

  238.      * the browser, we don't want that, as that is what is causing the
    239. 

  239.      * merging of sessions.
    240. 

  240.      */
    241. 

  241. 

  242.     global $base_uri;
    243. 

  243. 

  244.     if (isset($_COOKIE[session_name()])) sqsetcookie(session_name(), '', 0, $base_uri);
    245. 

  245.     if (isset($_COOKIE['username'])) sqsetcookie('username','',0,$base_uri);
    246. 

  246.     if (isset($_COOKIE['key'])) sqsetcookie('key','',0,$base_uri);
    247. 

  247. 

  248.     $sessid = session_id();
    249. 

  249.     if (!empty( $sessid )) {
    250. 

  250.         $_SESSION = array();
    251. 

  251.         @session_destroy();
    252. 

  252.     }
    253. 

  253. }
    254. 

  254. 

  255. /**
    256. 

  256.  * Function to verify a session has been started.  If it hasn't
    257. 

  257.  * start a session up.  php.net doesn't tell you that $_SESSION
    258. 

  258.  * (even though autoglobal), is not created unless a session is
    259. 

  259.  * started, unlike $_POST, $_GET and such
    260. 

  260.  */
    261. 

  261. function sqsession_is_active() {
    262. 

  262.     $sessid = session_id();
    263. 

  263.     if ( empty( $sessid ) ) {
    264. 

  264.         sqsession_start();
    265. 

  265.     }
    266. 

  266. }
    267. 

  267. 

  268. /**
    269. 

  269.  * Function to start the session and store the cookie with the session_id as
    270. 

  270.  * HttpOnly cookie which means that the cookie isn't accessible by javascript
    271. 

  271.  * (IE6 only)
    272. 

  272.  */
    273. 

  273. function sqsession_start() {
    274. 

  274.     global $base_uri;
    275. 

  275. 

  276.     session_start();
    277. 

  277.     $session_id = session_id();
    278. 

  278. 

  279.     // session_starts sets the sessionid cookie buth without the httponly var
    280. 

  280.     // setting the cookie again sets the httponly cookie attribute
    281. 

  281. 

  282.     // disable, @see sqsetcookie and php 5.1.2
    283. 

  283.     // sqsetcookie(session_name(),session_id(),false,$base_uri);
    284. 

  284. }
    285. 

  285. 

  286. 

  287. /**
    288. 

  288.  * Set a cookie
    289. 

  289.  * @param string  $sName     The name of the cookie.
    290. 

  290.  * @param string  $sValue    The value of the cookie.
    291. 

  291.  * @param int     $iExpire   The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch.
    292. 

  292.  * @param string  $sPath     The path on the server in which the cookie will be available on.
    293. 

  293.  * @param string  $sDomain   The domain that the cookie is available.
    294. 

  294.  * @param boolean $bSecure   Indicates that the cookie should only be transmitted over a secure HTTPS connection.
    295. 

  295.  * @param boolean $bHttpOnly Disallow JS to access the cookie (IE6 only)
    296. 

  296.  * @return void
    297. 

  297.  */
    298. 

  298. function sqsetcookie($sName,$sValue,$iExpire=false,$sPath="",$sDomain="",$bSecure=false,$bHttpOnly=true,$bFlush=false) {
    299. 

  299.     static $sCookieCache;
    300. 

  300.     if (!isset($sCache)) {
    301. 

  301.         $sCache = '';
    302. 

  302.     }
    303. 

  303.     /**
    304. 

  304.      * We have to send all cookies with one header call otherwise we loose cookies.
    305. 

  305.      * In order to achieve that the sqsetcookieflush function calls this function with $bFlush = true.
    306. 

  306.      * If that happens we send the cookie header.
    307. 

  307.      */
    308. 

  308.     if ($bFlush) {
    309. 

  309.         // header($sCookieCache);
    310. 

  310.         return;
    311. 

  311.     }
    312. 

  312.     if (!$sName) return;
    313. 

  313. 

  314.     // php 5.1.2 and 4.4.2 do not allow to send multiple headers at once.
    315. 

  315.     // Because that's the only way to get this thing working we fallback to
    316. 

  316.     // setcookie until we solved this
    317. 

  317.     if ($iExpire===false) $iExpire = 0;
    318. 

  318.     setcookie($sName, $sValue, $iExpire, $sPath);
    319. 

  319.     return;
    320. 

  320. 

  321.     $sHeader = "Set-Cookie: $sName=$sValue";
    322. 

  322.     if ($sPath) {
    323. 

  323.         $sHeader .= "; path=$sPath";
    324. 

  324.     }
    325. 

  325.     if ($iExpire !== false) {
    326. 

  326.         $sHeader .= "; Max-Age=$iExpire";
    327. 

  327.         // php uses Expire header, also add the expire header
    328. 

  328.         $sHeader .= "; expires=". gmdate('D, d-M-Y H:i:s T',$iExpire);
    329. 

  329.     }
    330. 

  330.     if ($sDomain) {
    331. 

  331.         $sHeader .= "; Domain=$sDomain";
    332. 

  332.     }
    333. 

  333.     // TODO: IE for Mac (5.2) thinks that semicolon is part of cookie domain
    334. 

  334.     if ($bSecure) {
    335. 

  335.         $sHeader .= "; Secure";
    336. 

  336.     }
    337. 

  337.     if ($bHttpOnly) {
    338. 

  338.         $sHeader .= "; HttpOnly";
    339. 

  339.     }
    340. 

  340.     // $sHeader .= "; Version=1";
    341. 

  341.     $sCookieCache .= $sHeader ."\r\n";
    342. 

  342.     //header($sHeader."\r\n");
    343. 

  343. }
    344. 

  344. 

  345. /**
    346. 

  346.  * Send the cookie header
    347. 

  347.  *
    348. 

  348.  * Cookies set with sqsetcookie will bet set after a sqsetcookieflush call.
    349. 

  349.  * @return void
    350. 

  350.  */
    351. 

  351. function sqsetcookieflush() {
    352. 

  352.     sqsetcookie('','','','','','','',true);
    353. 

  353. }
    354. 

  354. 

  355. /**
    356. 

  356.  * session_regenerate_id replacement for PHP < 4.3.2
    357. 

  357.  *
    358. 

  358.  * This code is borrowed from Gallery, session.php version 1.53.2.1
    359. 

  359.  */
    360. 

  360. if (!function_exists('session_regenerate_id')) {
    361. 

  361.     function make_seed() {
    362. 

  362.         list($usec, $sec) = explode(' ', microtime());
    363. 

  363.         return (float)$sec + ((float)$usec * 100000);
    364. 

  364.     }
    365. 

  365. 

  366.     function php_combined_lcg() {
    367. 

  367.         mt_srand(make_seed());
    368. 

  368.         $tv = gettimeofday();
    369. 

  369.         $lcg['s1'] = $tv['sec'] ^ (~$tv['usec']);
    370. 

  370.         $lcg['s2'] = mt_rand();
    371. 

  371.         $q = (int) ($lcg['s1'] / 53668);
    372. 

  372.         $lcg['s1'] = (int) (40014 * ($lcg['s1'] - 53668 * $q) - 12211 * $q);
    373. 

  373.         if ($lcg['s1'] < 0) {
    374. 

  374.             $lcg['s1'] += 2147483563;
    375. 

  375.         }
    376. 

  376.         $q = (int) ($lcg['s2'] / 52774);
    377. 

  377.         $lcg['s2'] = (int) (40692 * ($lcg['s2'] - 52774 * $q) - 3791 * $q);
    378. 

  378.         if ($lcg['s2'] < 0) {
    379. 

  379.             $lcg['s2'] += 2147483399;
    380. 

  380.         }
    381. 

  381.         $z = (int) ($lcg['s1'] - $lcg['s2']);
    382. 

  382.         if ($z < 1) {
    383. 

  383.             $z += 2147483562;
    384. 

  384.         }
    385. 

  385.         return $z * 4.656613e-10;
    386. 

  386.     }
    387. 

  387. 

  388.     function session_regenerate_id() {
    389. 

  389.         global $base_uri;
    390. 

  390.         $tv = gettimeofday();
    391. 

  391.         sqgetGlobalVar('REMOTE_ADDR',$remote_addr,SQ_SERVER);
    392. 

  392.         $buf = sprintf("%.15s%ld%ld%0.8f", $remote_addr, $tv['sec'], $tv['usec'], php_combined_lcg() * 10);
    393. 

  393.         session_id(md5($buf));
    394. 

  394.         if (ini_get('session.use_cookies')) {
    395. 

  395.             // at a later stage we use sqsetcookie. At this point just do
    396. 

  396.             // what session_regenerate_id would do
    397. 

  397.             setcookie(session_name(), session_id(), NULL, $base_uri);
    398. 

  398.         }
    399. 

  399.         return TRUE;
    400. 

  400.     }
    401. 

  401. }
    402. 

  402. 

  403. 

  404. /**
    405. 

  405.  * php_self
    406. 

  406.  *
    407. 

  407.  * Creates an URL for the page calling this function, using either the PHP global
    408. 

  408.  * REQUEST_URI, or the PHP global PHP_SELF with QUERY_STRING added. Before 1.5.1
    409. 

  409.  * function was stored in function/strings.php.
    410. 

  410.  *
    411. 

  411.  * @return string the complete url for this page
    412. 

  412.  * @since 1.2.3
    413. 

  413.  */
    414. 

  414. function php_self () {
    415. 

  415.     if ( sqgetGlobalVar('REQUEST_URI', $req_uri, SQ_SERVER) && !empty($req_uri) ) {
    416. 

  416.       return $req_uri;
    417. 

  417.     }
    418. 

  418. 

  419.     if ( sqgetGlobalVar('PHP_SELF', $php_self, SQ_SERVER) && !empty($php_self) ) {
    420. 

  420. 

  421.       // need to add query string to end of PHP_SELF to match REQUEST_URI
    422. 

  422.       //
    423. 

  423.       if ( sqgetGlobalVar('QUERY_STRING', $query_string, SQ_SERVER) && !empty($query_string) ) {
    424. 

  424.          $php_self .= '?' . $query_string;
    425. 

  425.       }
    426. 

  426. 

  427.       return $php_self;
    428. 

  428.     }
    429. 

  429. 

  430.     return '';
    431. 

  431. }
    432.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5