From f88d417c96119b8e50297b930b14fe6ff9a1c5ed Mon Sep 17 00:00:00 2001 From: thomascube <thomas@roundcube.net> Date: Sun, 19 Feb 2006 13:34:34 -0500 Subject: [PATCH] Applied several patches --- index.php | 21 +++++++++++++++++++-- 1 files changed, 19 insertions(+), 2 deletions(-) diff --git a/index.php b/index.php index fd356c8..b3c372e 100644 --- a/index.php +++ b/index.php @@ -2,7 +2,7 @@ /* +-----------------------------------------------------------------------+ | RoundCube Webmail IMAP Client | - | Version 0.1-20060104 | + | Version 0.1b-20060219 | | | | Copyright (C) 2005, RoundCube Dev. - Switzerland | | Licensed under the GNU GPL | @@ -40,7 +40,7 @@ */ -define('RCMAIL_VERSION', '0.1-20060104'); +define('RCMAIL_VERSION', '0.1b-20060219'); // define global vars @@ -83,6 +83,23 @@ // PEAR::setErrorHandling(PEAR_ERROR_TRIGGER, E_USER_NOTICE); +// strip magic quotes from Superglobals... +if ((bool)get_magic_quotes_gpc()) // by "php Pest" + { + // Really EGPCSR - Environment $_ENV, GET $_GET , POST $_POST, Cookie $_COOKIE, Server $_SERVER + // and their HTTP_*_VARS cousins (separate arrays, not references) and $_REQUEST + $fnStripMagicQuotes = create_function( + '&$mData, $fnSelf', + 'if (is_array($mData)) { foreach ($mData as $mKey=>$mValue) $fnSelf($mData[$mKey], $fnSelf); return; } '. + '$mData = stripslashes($mData);' + ); + + // do each set of EGPCSR as you find necessary + $fnStripMagicQuotes($_POST, $fnStripMagicQuotes); + $fnStripMagicQuotes($_GET, $fnStripMagicQuotes); + } + + // catch some url/post parameters $_auth = !empty($_POST['_auth']) ? $_POST['_auth'] : $_GET['_auth']; $_task = !empty($_POST['_task']) ? $_POST['_task'] : (!empty($_GET['_task']) ? $_GET['_task'] : 'mail'); -- Gitblit v1.9.1