diff options
Diffstat (limited to 'mail/squirrelmail/patches/patch-ac')
| -rw-r--r-- | mail/squirrelmail/patches/patch-ac | 59 |
1 files changed, 0 insertions, 59 deletions
diff --git a/mail/squirrelmail/patches/patch-ac b/mail/squirrelmail/patches/patch-ac deleted file mode 100644 index d02c29b17d7..00000000000 --- a/mail/squirrelmail/patches/patch-ac +++ /dev/null @@ -1,59 +0,0 @@ -$NetBSD: patch-ac,v 1.3 2006/06/04 12:31:31 tron Exp $ - ---- functions/global.php.orig 2006-02-03 22:27:47.000000000 +0000 -+++ functions/global.php 2006-06-04 13:22:14.000000000 +0100 -@@ -62,6 +62,47 @@ - sqstripslashes($_POST); - } - -+/** -+ * If register_globals are on, unregister globals. -+ * Code requires PHP 4.1.0 or newer. -+ * Second test covers boolean set as string (php_value register_globals off). -+ */ -+if ((bool) @ini_get('register_globals') && -+ strtolower(ini_get('register_globals'))!='off') { -+ /** -+ * Remove all globals from $_GET, $_POST, and $_COOKIE. -+ */ -+ foreach ($_REQUEST as $key => $value) { -+ unset($GLOBALS[$key]); -+ } -+ /** -+ * Remove globalized $_FILES variables -+ * Before 4.3.0 $_FILES are included in $_REQUEST. -+ * Unglobalize them in separate call in order to remove dependency -+ * on PHP version. -+ */ -+ foreach ($_FILES as $key => $value) { -+ unset($GLOBALS[$key]); -+ // there are three undocumented $_FILES globals. -+ unset($GLOBALS[$key.'_type']); -+ unset($GLOBALS[$key.'_name']); -+ unset($GLOBALS[$key.'_size']); -+ } -+ /** -+ * Remove globalized environment variables. -+ */ -+ foreach ($_ENV as $key => $value) { -+ unset($GLOBALS[$key]); -+ } -+ /** -+ * Remove globalized server variables. -+ */ -+ foreach ($_SERVER as $key => $value) { -+ unset($GLOBALS[$key]); -+ } -+} -+ -+ - /* strip any tags added to the url from PHP_SELF. - This fixes hand crafted url XXS expoits for any - page that uses PHP_SELF as the FORM action */ -@@ -336,4 +377,4 @@ - } - - // vim: et ts=4 --?> -\ No newline at end of file -+?> |