[Phpgroupware-cvs] CVS: phpgwapi/inc functions.inc.php,1.172,1.173

[Ralf Becker <address@hidden>]

Update of /cvsroot/phpgroupware/phpgwapi/inc
In directory subversions:/tmp/cvs-serv29493

Modified Files:
        functions.inc.php 
Log Message:
merged sesson-functions for .16, incl. the brute-force stuffe and cacheing the 
data from other session in the appsession
fixed multidomain logins for register_globals off


Index: functions.inc.php
===================================================================
RCS file: /cvsroot/phpgroupware/phpgwapi/inc/functions.inc.php,v
retrieving revision 1.172
retrieving revision 1.173
diff -C2 -r1.172 -r1.173
*** functions.inc.php   5 May 2003 19:11:47 -0000       1.172
--- functions.inc.php   18 May 2003 19:17:49 -0000      1.173
***************
*** 22,35 ****
         * Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA        
    *
         
\**************************************************************************/
        /* $Id$ */
! 
!       
/***************************************************************************\
!       * If running in PHP3, then load up the support functions file for       
    *
!       * transparent support.                                                  
    *
!       
\***************************************************************************/
  
        if (floor(phpversion()) == 3)
        {
!               include(PHPGW_API_INC.'/php3_support_functions.inc.php');
        }
  
--- 22,37 ----
         * Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA        
    *
         
\**************************************************************************/
+       
        /* $Id$ */
!       
!       
/****************************************************************************\
!       * If running in PHP3, then force admin to upgrade                       
     *
!       
\****************************************************************************/
  
        if (floor(phpversion()) == 3)
        {
!               echo 'phpGroupWare now requires PHP 4.1 or greater.<br>';
!               echo 'Please contact your System Administrator';
!               exit;
        }
  
***************
*** 90,94 ****
        * Multi-Domain support                                                  
     *
        
\****************************************************************************/
! 
        /* make them fix their header */
        if (!isset($GLOBALS['phpgw_domain']))
--- 92,96 ----
        * Multi-Domain support                                                  
     *
        
\****************************************************************************/
!       
        /* make them fix their header */
        if (!isset($GLOBALS['phpgw_domain']))
***************
*** 98,134 ****
        }
        reset($GLOBALS['phpgw_domain']);
!       $default_domain = each($GLOBALS['phpgw_domain']);
!       $GLOBALS['phpgw_info']['server']['default_domain'] = $default_domain[0];
!       unset ($default_domain); // we kill this for security reasons
  
!       $GLOBALS['login'] = get_var('login',Array('POST'));
!       $GLOBALS['logindomain'] = get_var('logindomain',Array('POST'));
! 
!       /* This code will handle virtdomains so that is a user logins with 
address@hidden, it will switch into virtualization mode. */
!       if (isset($domain) && $domain)
!       {
!               $GLOBALS['phpgw_info']['user']['domain'] = $domain;
!       }
!       elseif (isset($GLOBALS['login']) && isset($GLOBALS['logindomain']))
        {
!               if (!ereg ("\@", $GLOBALS['login']))
                {
!                       $GLOBALS['login'] = $GLOBALS['login'] . '@' . 
$GLOBALS['logindomain'];
                }
!               $GLOBALS['phpgw_info']['user']['domain'] = 
$GLOBALS['logindomain'];
!               unset ($GLOBALS['logindomain']);
        }
!       elseif (isset($GLOBALS['login']) && !isset($GLOBALS['logindomain']))
        {
!               if (ereg ("\@", $GLOBALS['login']))
!               {
!                       $login_array = explode('@', $GLOBALS['login']);
!                       $GLOBALS['phpgw_info']['user']['domain'] = 
$login_array[1];
!               }
!               else
!               {
!                       $GLOBALS['phpgw_info']['user']['domain'] = 
$GLOBALS['phpgw_info']['server']['default_domain'];
!                       $GLOBALS['login'] = $GLOBALS['login'] . '@' . 
$GLOBALS['phpgw_info']['user']['domain'];
!               }
        }
  
--- 100,117 ----
        }
        reset($GLOBALS['phpgw_domain']);
!       list($GLOBALS['phpgw_info']['server']['default_domain']) = 
each($GLOBALS['phpgw_domain']);
  
!       if (isset($_POST['login']))     // on login
        {
!               $GLOBALS['login'] = $_POST['login'];
!               if (strstr($GLOBALS['login'],'@') === False)
                {
!                       $GLOBALS['login'] .= '@' . 
get_var('logindomain',array('POST'),$GLOBALS['phpgw_info']['server']['default_domain']);
                }
!               list(,$GLOBALS['phpgw_info']['user']['domain']) = 
explode('@',$GLOBALS['login']);
        }
!       else    // on "normal" pageview
        {
!               $GLOBALS['phpgw_info']['user']['domain'] = get_var('domain', 
array('GET', 'COOKIE'), FALSE);
        }
  
***************
*** 154,158 ****
                unset ($GLOBALS['phpgw_domain']); // we kill this for security 
reasons
        }
-       unset ($domain); // we kill this to save memory
  
        @print_debug('domain',$GLOBALS['phpgw_info']['user']['domain'],'api');
--- 137,140 ----
***************
*** 233,236 ****
--- 215,224 ----
        unset($server_info_cache);
  
+       if(@isset($GLOBALS['phpgw_info']['server']['enforce_ssl']) && !$HTTPS)
+       {
+               Header('Location: https://' . 
$GLOBALS['phpgw_info']['server']['hostname'] . 
$GLOBALS['phpgw_info']['server']['webserver_url'] . $_SERVER['REQUEST_URI']);
+               exit;
+       }
+ 
        
/************************************************************************\
        * Required classes                                                      
 *
***************
*** 290,303 ****
                if ($GLOBALS['phpgw_info']['flags']['currentapp'] == 'login')
                {
!                       
if(@isset($GLOBALS['phpgw_info']['server']['enforce_ssl']) && 
$GLOBALS['phpgw_info']['server']['enforce_ssl'] && 
!$GLOBALS['HTTP_SERVER_VARS']['HTTPS'])
!                       {
!                               
$GLOBALS['phpgw']->redirect($GLOBALS['HTTP_SERVER_VARS']['REQUEST_URI']);
!                       }
!                       if (@$login != '')
                        {
!                               $login_array = explode("@",$login);
!                               print_debug('LID : '.$login_array[0], 
'messageonly','api');
!                               $login_id = 
$GLOBALS['phpgw']->accounts->name2id($login_array[0]);
!                               print_debug('User ID : '.$login_id, 
'messageonly','api');
                                
$GLOBALS['phpgw']->accounts->accounts($login_id);
                                
$GLOBALS['phpgw']->preferences->preferences($login_id);
--- 278,287 ----
                if ($GLOBALS['phpgw_info']['flags']['currentapp'] == 'login')
                {
!                       if (@$_POST['login'] != '')
                        {
!                               list($login) = explode("@",$_POST['login']);
!                               print_debug('LID',$login,'app');
!                               $login_id = 
$GLOBALS['phpgw']->accounts->name2id($login);
!                               print_debug('User ID',$login_id,'app');
                                
$GLOBALS['phpgw']->accounts->accounts($login_id);
                                
$GLOBALS['phpgw']->preferences->preferences($login_id);