We use cookies to ensure you get the best experience on our website
Startsida Utforska Hjälp
Registrera dig Logga in
0ct0pu5
/
squirrelmail
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: f65b92a48d
Grenar Taggar
squirrelmail
/
functions
/
global.php

global.php 12 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * global.php
    5. 

  5.  *
    6. 

  6.  * This includes code to update < 4.1.0 globals to the newer format
    7. 

  7.  * It also has some session register functions that work across various
    8. 

  8.  * php versions.
    9. 

  9.  *
    10. 

  10.  * @copyright &copy; 1999-2006 The SquirrelMail Project Team
    11. 

  11.  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
    12. 

  12.  * @version $Id$
    13. 

  13.  * @package squirrelmail
    14. 

  14.  */
    15. 

  15. 

  16. /**
    17. 

  17.  */
    18. 

  18. define('SQ_INORDER',0);
    19. 

  19. define('SQ_GET',1);
    20. 

  20. define('SQ_POST',2);
    21. 

  21. define('SQ_SESSION',3);
    22. 

  22. define('SQ_COOKIE',4);
    23. 

  23. define('SQ_SERVER',5);
    24. 

  24. define('SQ_FORM',6);
    25. 

  25. 

  26. 

  27. /**
    28. 

  28.  * returns true if current php version is at mimimum a.b.c
    29. 

  29.  *
    30. 

  30.  * Called: check_php_version(4,1)
    31. 

  31.  * @param int a major version number
    32. 

  32.  * @param int b minor version number
    33. 

  33.  * @param int c release number
    34. 

  34.  * @return bool
    35. 

  35.  */
    36. 

  36. function check_php_version ($a = '0', $b = '0', $c = '0')
    37. 

  37. {
    38. 

  38.     return version_compare ( PHP_VERSION, "$a.$b.$c", 'ge' );
    39. 

  39. }
    40. 

  40. 

  41. /**
    42. 

  42.  * returns true if the current internal SM version is at minimum a.b.c
    43. 

  43.  * These are plain integer comparisons, as our internal version is
    44. 

  44.  * constructed by us, as an array of 3 ints.
    45. 

  45.  *
    46. 

  46.  * Called: check_sm_version(1,3,3)
    47. 

  47.  * @param int a major version number
    48. 

  48.  * @param int b minor version number
    49. 

  49.  * @param int c release number
    50. 

  50.  * @return bool
    51. 

  51.  */
    52. 

  52. function check_sm_version($a = 0, $b = 0, $c = 0)
    53. 

  53. {
    54. 

  54.     global $SQM_INTERNAL_VERSION;
    55. 

  55.     if ( !isset($SQM_INTERNAL_VERSION) ||
    56. 

  56.          $SQM_INTERNAL_VERSION[0] < $a ||
    57. 

  57.          ( $SQM_INTERNAL_VERSION[0] == $a &&
    58. 

  58.            $SQM_INTERNAL_VERSION[1] < $b) ||
    59. 

  59.          ( $SQM_INTERNAL_VERSION[0] == $a &&
    60. 

  60.            $SQM_INTERNAL_VERSION[1] == $b &&
    61. 

  61.            $SQM_INTERNAL_VERSION[2] < $c ) ) {
    62. 

  62.         return FALSE;
    63. 

  63.     }
    64. 

  64.     return TRUE;
    65. 

  65. }
    66. 

  66. 

  67. 

  68. /**
    69. 

  69.  * Recursively strip slashes from the values of an array.
    70. 

  70.  * @param array array the array to strip, passed by reference
    71. 

  71.  * @return void
    72. 

  72.  */
    73. 

  73. function sqstripslashes(&$array) {
    74. 

  74.     if(count($array) > 0) {
    75. 

  75.         foreach ($array as $index=>$value) {
    76. 

  76.             if (is_array($array[$index])) {
    77. 

  77.                 sqstripslashes($array[$index]);
    78. 

  78.             }
    79. 

  79.             else {
    80. 

  80.                 $array[$index] = stripslashes($value);
    81. 

  81.             }
    82. 

  82.         }
    83. 

  83.     }
    84. 

  84. }
    85. 

  85. 

  86. /**
    87. 

  87.  * Add a variable to the session.
    88. 

  88.  * @param mixed $var the variable to register
    89. 

  89.  * @param string $name the name to refer to this variable
    90. 

  90.  * @return void
    91. 

  91.  */
    92. 

  92. function sqsession_register ($var, $name) {
    93. 

  93. 

  94.     sqsession_is_active();
    95. 

  95. 

  96.     $_SESSION["$name"] = $var;
    97. 

  97. 

  98.     session_register("$name");
    99. 

  99. }
    100. 

  100. 

  101. /**
    102. 

  102.  * Delete a variable from the session.
    103. 

  103.  * @param string $name the name of the var to delete
    104. 

  104.  * @return void
    105. 

  105.  */
    106. 

  106. function sqsession_unregister ($name) {
    107. 

  107. 

  108.     sqsession_is_active();
    109. 

  109. 

  110.     unset($_SESSION[$name]);
    111. 

  111. 

  112.     session_unregister("$name");
    113. 

  113. }
    114. 

  114. 

  115. /**
    116. 

  116.  * Checks to see if a variable has already been registered
    117. 

  117.  * in the session.
    118. 

  118.  * @param string $name the name of the var to check
    119. 

  119.  * @return bool whether the var has been registered
    120. 

  120.  */
    121. 

  121. function sqsession_is_registered ($name) {
    122. 

  122.     $test_name = &$name;
    123. 

  123.     $result = false;
    124. 

  124. 

  125.     if (isset($_SESSION[$test_name])) {
    126. 

  126.         $result = true;
    127. 

  127.     }
    128. 

  128. 

  129.     return $result;
    130. 

  130. }
    131. 

  131. 

  132. /**
    133. 

  133.  * Search for the var $name in $_SESSION, $_POST, $_GET, $_COOKIE, or $_SERVER
    134. 

  134.  * and set it in provided var.
    135. 

  135.  *
    136. 

  136.  * If $search is not provided, or if it is SQ_INORDER, it will search $_SESSION,
    137. 

  137.  * then $_POST, then $_GET. If $search is SQ_FORM it will search $_POST and
    138. 

  138.  * $_GET.  Otherwise, use one of the defined constants to look for a var in one
    139. 

  139.  * place specifically.
    140. 

  140.  *
    141. 

  141.  * Note: $search is an int value equal to one of the constants defined above.
    142. 

  142.  *
    143. 

  143.  * Example:
    144. 

  144.  * sqgetGlobalVar('username',$username,SQ_SESSION);
    145. 

  145.  * // No quotes around last param, it's a constant - not a string!
    146. 

  146.  *
    147. 

  147.  * @param string name the name of the var to search
    148. 

  148.  * @param mixed value the variable to return
    149. 

  149.  * @param int search constant defining where to look
    150. 

  150.  * @return bool whether variable is found.
    151. 

  151.  */
    152. 

  152. function sqgetGlobalVar($name, &$value, $search = SQ_INORDER, $default = NULL, $typecast = false) {
    153. 

  153. 

  154.     $result = false;
    155. 

  155. 

  156.     switch ($search) {
    157. 

  157.         /* we want the default case to be first here,
    158. 

  158.            so that if a valid value isn't specified,
    159. 

  159.            all three arrays will be searched. */
    160. 

  160.       default:
    161. 

  161.       case SQ_INORDER: // check session, post, get
    162. 

  162.       case SQ_SESSION:
    163. 

  163.         if( isset($_SESSION[$name]) ) {
    164. 

  164.             $value = $_SESSION[$name];
    165. 

  165.             $result = TRUE;
    166. 

  166.             break;
    167. 

  167.         } elseif ( $search == SQ_SESSION ) {
    168. 

  168.             break;
    169. 

  169.         }
    170. 

  170.       case SQ_FORM:   // check post, get
    171. 

  171.       case SQ_POST:
    172. 

  172.         if( isset($_POST[$name]) ) {
    173. 

  173.             $value = $_POST[$name];
    174. 

  174.             $result = TRUE;
    175. 

  175.             break;
    176. 

  176.         } elseif ( $search == SQ_POST ) {
    177. 

  177.           break;
    178. 

  178.         }
    179. 

  179.       case SQ_GET:
    180. 

  180.         if ( isset($_GET[$name]) ) {
    181. 

  181.             $value = $_GET[$name];
    182. 

  182.             $result = TRUE;
    183. 

  183.             break;
    184. 

  184.         }
    185. 

  185.         /* NO IF HERE. FOR SQ_INORDER CASE, EXIT after GET */
    186. 

  186.         break;
    187. 

  187.       case SQ_COOKIE:
    188. 

  188.         if ( isset($_COOKIE[$name]) ) {
    189. 

  189.             $value = $_COOKIE[$name];
    190. 

  190.             $result = TRUE;
    191. 

  191.             break;
    192. 

  192.         }
    193. 

  193.         break;
    194. 

  194.       case SQ_SERVER:
    195. 

  195.         if ( isset($_SERVER[$name]) ) {
    196. 

  196.             $value = $_SERVER[$name];
    197. 

  197.             $result = TRUE;
    198. 

  198.             break;
    199. 

  199.         }
    200. 

  200.         break;
    201. 

  201.     }
    202. 

  202.     if ($result && $typecast) {
    203. 

  203.         switch ($typecast) {
    204. 

  204.             case 'int': $value = (int) $value; break;
    205. 

  205.             case 'bool': $value = (bool) $value; break;
    206. 

  206.             default: break;
    207. 

  207.         }
    208. 

  208.     } else if (!is_null($default)) {
    209. 

  209.         $value = $default;
    210. 

  210.     }
    211. 

  211.     return $result;
    212. 

  212. }
    213. 

  213. 

  214. /**
    215. 

  215.  * Deletes an existing session, more advanced than the standard PHP
    216. 

  216.  * session_destroy(), it explicitly deletes the cookies and global vars.
    217. 

  217.  */
    218. 

  218. function sqsession_destroy() {
    219. 

  219. 

  220.     /*
    221. 

  221.      * php.net says we can kill the cookie by setting just the name:
    222. 

  222.      * http://www.php.net/manual/en/function.setcookie.php
    223. 

  223.      * maybe this will help fix the session merging again.
    224. 

  224.      *
    225. 

  225.      * Changed the theory on this to kill the cookies first starting
    226. 

  226.      * a new session will provide a new session for all instances of
    227. 

  227.      * the browser, we don't want that, as that is what is causing the
    228. 

  228.      * merging of sessions.
    229. 

  229.      */
    230. 

  230. 

  231.     global $base_uri;
    232. 

  232. 

  233.     if (isset($_COOKIE[session_name()])) sqsetcookie(session_name(), '', 0, $base_uri);
    234. 

  234.     if (isset($_COOKIE['username'])) sqsetcookie('username','',0,$base_uri);
    235. 

  235.     if (isset($_COOKIE['key'])) sqsetcookie('key','',0,$base_uri);
    236. 

  236. 

  237.     $sessid = session_id();
    238. 

  238.     if (!empty( $sessid )) {
    239. 

  239.         $_SESSION = array();
    240. 

  240.         @session_destroy();
    241. 

  241.     }
    242. 

  242. }
    243. 

  243. 

  244. /**
    245. 

  245.  * Function to verify a session has been started.  If it hasn't
    246. 

  246.  * start a session up.  php.net doesn't tell you that $_SESSION
    247. 

  247.  * (even though autoglobal), is not created unless a session is
    248. 

  248.  * started, unlike $_POST, $_GET and such
    249. 

  249.  */
    250. 

  250. function sqsession_is_active() {
    251. 

  251.     $sessid = session_id();
    252. 

  252.     if ( empty( $sessid ) ) {
    253. 

  253.         sqsession_start();
    254. 

  254.     }
    255. 

  255. }
    256. 

  256. 

  257. /**
    258. 

  258.  * Function to start the session and store the cookie with the session_id as
    259. 

  259.  * HttpOnly cookie which means that the cookie isn't accessible by javascript
    260. 

  260.  * (IE6 only)
    261. 

  261.  */
    262. 

  262. function sqsession_start() {
    263. 

  263.     global $base_uri;
    264. 

  264. 

  265.     session_start();
    266. 

  266.     $session_id = session_id();
    267. 

  267. 

  268.     // session_starts sets the sessionid cookie buth without the httponly var
    269. 

  269.     // setting the cookie again sets the httponly cookie attribute
    270. 

  270. 

  271.     // disable, @see sqsetcookie and php 5.1.2
    272. 

  272.     // sqsetcookie(session_name(),session_id(),false,$base_uri);
    273. 

  273. }
    274. 

  274. 

  275. 

  276. /**
    277. 

  277.  * Set a cookie
    278. 

  278.  * @param string  $sName     The name of the cookie.
    279. 

  279.  * @param string  $sValue    The value of the cookie.
    280. 

  280.  * @param int     $iExpire   The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch.
    281. 

  281.  * @param string  $sPath     The path on the server in which the cookie will be available on.
    282. 

  282.  * @param string  $sDomain   The domain that the cookie is available.
    283. 

  283.  * @param boolean $bSecure   Indicates that the cookie should only be transmitted over a secure HTTPS connection.
    284. 

  284.  * @param boolean $bHttpOnly Disallow JS to access the cookie (IE6 only)
    285. 

  285.  * @return void
    286. 

  286.  */
    287. 

  287. function sqsetcookie($sName,$sValue,$iExpire=false,$sPath="",$sDomain="",$bSecure=false,$bHttpOnly=true,$bFlush=false) {
    288. 

  288.     static $sCookieCache;
    289. 

  289.     if (!isset($sCache)) {
    290. 

  290.         $sCache = '';
    291. 

  291.     }
    292. 

  292.     /**
    293. 

  293.      * We have to send all cookies with one header call otherwise we loose cookies.
    294. 

  294.      * In order to achieve that the sqsetcookieflush function calls this function with $bFlush = true.
    295. 

  295.      * If that happens we send the cookie header.
    296. 

  296.      */
    297. 

  297.     if ($bFlush) {
    298. 

  298.         // header($sCookieCache);
    299. 

  299.         return;
    300. 

  300.     }
    301. 

  301.     if (!$sName) return;
    302. 

  302. 

  303.     // php 5.1.2 and 4.4.2 do not allow to send multiple headers at once.
    304. 

  304.     // Because that's the only way to get this thing working we fallback to
    305. 

  305.     // setcookie until we solved this
    306. 

  306.     if ($iExpire===false) $iExpire = 0;
    307. 

  307.     setcookie($sName, $sValue, $iExpire, $sPath);
    308. 

  308.     return;
    309. 

  309. 

  310.     $sHeader = "Set-Cookie: $sName=$sValue";
    311. 

  311.     if ($sPath) {
    312. 

  312.         $sHeader .= "; path=$sPath";
    313. 

  313.     }
    314. 

  314.     if ($iExpire !== false) {
    315. 

  315.         $sHeader .= "; Max-Age=$iExpire";
    316. 

  316.         // php uses Expire header, also add the expire header
    317. 

  317.         $sHeader .= "; expires=". gmdate('D, d-M-Y H:i:s T',$iExpire);
    318. 

  318.     }
    319. 

  319.     if ($sDomain) {
    320. 

  320.         $sHeader .= "; Domain=$sDomain";
    321. 

  321.     }
    322. 

  322.     // TODO: IE for Mac (5.2) thinks that semicolon is part of cookie domain
    323. 

  323.     if ($bSecure) {
    324. 

  324.         $sHeader .= "; Secure";
    325. 

  325.     }
    326. 

  326.     if ($bHttpOnly) {
    327. 

  327.         $sHeader .= "; HttpOnly";
    328. 

  328.     }
    329. 

  329.     // $sHeader .= "; Version=1";
    330. 

  330.     $sCookieCache .= $sHeader ."\r\n";
    331. 

  331.     //header($sHeader."\r\n");
    332. 

  332. }
    333. 

  333. 

  334. /**
    335. 

  335.  * Send the cookie header
    336. 

  336.  *
    337. 

  337.  * Cookies set with sqsetcookie will bet set after a sqsetcookieflush call.
    338. 

  338.  * @return void
    339. 

  339.  */
    340. 

  340. function sqsetcookieflush() {
    341. 

  341.     sqsetcookie('','','','','','','',true);
    342. 

  342. }
    343. 

  343. 

  344. /**
    345. 

  345.  * session_regenerate_id replacement for PHP < 4.3.2
    346. 

  346.  *
    347. 

  347.  * This code is borrowed from Gallery, session.php version 1.53.2.1
    348. 

  348.  */
    349. 

  349. if (!function_exists('session_regenerate_id')) {
    350. 

  350.     function make_seed() {
    351. 

  351.         list($usec, $sec) = explode(' ', microtime());
    352. 

  352.         return (float)$sec + ((float)$usec * 100000);
    353. 

  353.     }
    354. 

  354. 

  355.     function php_combined_lcg() {
    356. 

  356.         mt_srand(make_seed());
    357. 

  357.         $tv = gettimeofday();
    358. 

  358.         $lcg['s1'] = $tv['sec'] ^ (~$tv['usec']);
    359. 

  359.         $lcg['s2'] = mt_rand();
    360. 

  360.         $q = (int) ($lcg['s1'] / 53668);
    361. 

  361.         $lcg['s1'] = (int) (40014 * ($lcg['s1'] - 53668 * $q) - 12211 * $q);
    362. 

  362.         if ($lcg['s1'] < 0) {
    363. 

  363.             $lcg['s1'] += 2147483563;
    364. 

  364.         }
    365. 

  365.         $q = (int) ($lcg['s2'] / 52774);
    366. 

  366.         $lcg['s2'] = (int) (40692 * ($lcg['s2'] - 52774 * $q) - 3791 * $q);
    367. 

  367.         if ($lcg['s2'] < 0) {
    368. 

  368.             $lcg['s2'] += 2147483399;
    369. 

  369.         }
    370. 

  370.         $z = (int) ($lcg['s1'] - $lcg['s2']);
    371. 

  371.         if ($z < 1) {
    372. 

  372.             $z += 2147483562;
    373. 

  373.         }
    374. 

  374.         return $z * 4.656613e-10;
    375. 

  375.     }
    376. 

  376. 

  377.     function session_regenerate_id() {
    378. 

  378.         global $base_uri;
    379. 

  379.         $tv = gettimeofday();
    380. 

  380.         sqgetGlobalVar('REMOTE_ADDR',$remote_addr,SQ_SERVER);
    381. 

  381.         $buf = sprintf("%.15s%ld%ld%0.8f", $remote_addr, $tv['sec'], $tv['usec'], php_combined_lcg() * 10);
    382. 

  382.         session_id(md5($buf));
    383. 

  383.         if (ini_get('session.use_cookies')) {
    384. 

  384.             // at a later stage we use sqsetcookie. At this point just do
    385. 

  385.             // what session_regenerate_id would do
    386. 

  386.             setcookie(session_name(), session_id(), NULL, $base_uri);
    387. 

  387.         }
    388. 

  388.         return TRUE;
    389. 

  389.     }
    390. 

  390. }
    391. 

  391. 

  392. 

  393. /**
    394. 

  394.  * php_self
    395. 

  395.  *
    396. 

  396.  * Creates an URL for the page calling this function, using either the PHP global
    397. 

  397.  * REQUEST_URI, or the PHP global PHP_SELF with QUERY_STRING added. Before 1.5.1
    398. 

  398.  * function was stored in function/strings.php.
    399. 

  399.  *
    400. 

  400.  * @return string the complete url for this page
    401. 

  401.  * @since 1.2.3
    402. 

  402.  */
    403. 

  403. function php_self () {
    404. 

  404.     if ( sqgetGlobalVar('REQUEST_URI', $req_uri, SQ_SERVER) && !empty($req_uri) ) {
    405. 

  405.       return $req_uri;
    406. 

  406.     }
    407. 

  407. 

  408.     if ( sqgetGlobalVar('PHP_SELF', $php_self, SQ_SERVER) && !empty($php_self) ) {
    409. 

  409. 

  410.       // need to add query string to end of PHP_SELF to match REQUEST_URI
    411. 

  411.       //
    412. 

  412.       if ( sqgetGlobalVar('QUERY_STRING', $query_string, SQ_SERVER) && !empty($query_string) ) {
    413. 

  413.          $php_self .= '?' . $query_string;
    414. 

  414.       }
    415. 

  415. 

  416.       return $php_self;
    417. 

  417.     }
    418. 

  418. 

  419.     return '';
    420. 

  420. }
    421. 

  421. 

  422.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5