diff --git a/phpgwapi/inc/class.common.inc.php b/phpgwapi/inc/class.common.inc.php index 9729de5bca..4f3ade3e14 100644 --- a/phpgwapi/inc/class.common.inc.php +++ b/phpgwapi/inc/class.common.inc.php @@ -687,18 +687,18 @@ } // Setting this for display of template choices in user preferences - if ($GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice') + if (@$GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice') { $GLOBALS['phpgw_info']['server']['usrtplchoice'] = 'user_choice'; } - if (($GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice' || + if ((@$GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice' || !isset($GLOBALS['phpgw_info']['server']['template_set'])) && isset($GLOBALS['phpgw_info']['user']['preferences']['common']['template_set'])) { $GLOBALS['phpgw_info']['server']['template_set'] = $GLOBALS['phpgw_info']['user']['preferences']['common']['template_set']; } - elseif ($GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice' || + elseif (@$GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice' || !isset($GLOBALS['phpgw_info']['server']['template_set'])) { $GLOBALS['phpgw_info']['server']['template_set'] = 'default'; @@ -1250,13 +1250,18 @@ */ function show_date($t = '', $format = '') { - if (! $t) + if (!$t) { - $t = time(); + if(!is_object($GLOBALS['phpgw']->datetime)) + { + $GLOBALS['phpgw']->datetime = createobject('phpgwapi.datetime'); + } + $t = $GLOBALS['phpgw']->datetime->gmtnow; } - $t = $t + ((60*60) * $GLOBALS['phpgw_info']['user']['preferences']['common']['tz_offset']); - + // + (date('I') == 1?3600:0) + $t += (3600 * intval($GLOBALS['phpgw_info']['user']['preferences']['common']['tz_offset'])); + if (! $format) { $format = $GLOBALS['phpgw_info']['user']['preferences']['common']['dateformat'] . ' - '; diff --git a/phpgwapi/inc/class.nextmatchs.inc.php b/phpgwapi/inc/class.nextmatchs.inc.php index 82e8d98d53..f2e3849baf 100644 --- a/phpgwapi/inc/class.nextmatchs.inc.php 
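Review bot: The three `@$GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice'` comparisons in the -687 hunk silence the undefined-index notice rather than testing for the key. The same conditions already use `!isset(...)` on that key, so an explicit test reads more consistently and does not hide unrelated errors. I would resolve the value once before the block, e.g. `$tpl_set = isset($GLOBALS['phpgw_info']['server']['template_set']) ? $GLOBALS['phpgw_info']['server']['template_set'] : '';`, and compare `$tpl_set == 'user_choice'` in the three places. The enclosing function starts and ends outside the hunk.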
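Review bot: In show_date() the new `intval(...['tz_offset'])` truncates the preference to whole hours, so a fractional offset such as 5.5 would lose its half hour; if such values can be stored, cast with `(float)` or keep the plain multiplication. The default for an empty `$t` also changes from `time()` to `datetime->gmtnow`, while a caller-supplied `$t` gets the same offset added, so the docblock should state that `$t` is expected to be a GMT timestamp. The leftover `// + (date('I') == 1?3600:0)` line needs a sentence saying why the DST term is disabled, or should be dropped. The function body continues outside the hunk.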
+++ b/phpgwapi/inc/class.nextmatchs.inc.php @@ -61,9 +61,9 @@ $this->maxmatches = 15; } - if(isset($GLOBALS['HTTP_GET_VARS']['menuaction'])) + if(MENUACTION) { - $this->action = $GLOBALS['HTTP_GET_VARS']['menuaction']; + $this->action = MENUACTION; } } @@ -508,7 +508,7 @@ */ function searchby($search_obj) { - $qfield = $GLOBALS['HTTP_POST_VARS']['qfield'] ? $GLOBALS['HTTP_POST_VARS']['qfield'] : $GLOBALS['HTTP_GET_VARS']['qfield']; + $qfield = get_var('qfield',Array('GET','POST')); $str = ''; if(is_array($search_obj)) @@ -542,7 +542,7 @@ } else { - $filter = $GLOBALS['HTTP_POST_VARS']['filter'] ? $GLOBALS['HTTP_POST_VARS']['filter'] : $GLOBALS['HTTP_GET_VARS']['filter']; + $filter = get_var('filter',Array('GET','POST')); } if(is_long($filter_obj)) diff --git a/phpgwapi/inc/class.sessions_db.inc.php b/phpgwapi/inc/class.sessions_db.inc.php index 656c695970..370d115011 100644 --- a/phpgwapi/inc/class.sessions_db.inc.php +++ b/phpgwapi/inc/class.sessions_db.inc.php @@ -625,9 +625,9 @@ function update_dla() { global $PHP_SELF; - if (@isset($GLOBALS['HTTP_GET_VARS']['menuaction'])) + if(MENUACTION) { - $action = $GLOBALS['HTTP_GET_VARS']['menuaction']; + $action = MENUACTION; } else { diff --git a/phpgwapi/inc/class.sessions_php4.inc.php b/phpgwapi/inc/class.sessions_php4.inc.php index 0ddebb562f..e113e54fda 100644 --- a/phpgwapi/inc/class.sessions_php4.inc.php +++ b/phpgwapi/inc/class.sessions_php4.inc.php 
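Review bot: `if(MENUACTION)` in the -61 hunk assumes the constant is always defined, whereas the removed `isset($GLOBALS['HTTP_GET_VARS']['menuaction'])` was safe on every code path. The `define('MENUACTION', ...)` added to functions.inc.php sits after an `exit;` branch and possibly inside a conditional that is not visible here. Where the class is used without that define having run, a bare `MENUACTION` is either read as the literal string 'MENUACTION' (truthy, so `$this->action` gets that string) or raises an error, depending on the PHP version. I would write `if(defined('MENUACTION') && MENUACTION)` here. The same applies to `update_dla()` in class.sessions_db.inc.php and class.sessions_php4.inc.php and to footer.inc.php.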
@@ -53,8 +53,8 @@ \*************************************************************************/ function sessions() { - $this->sessionid = (isset($GLOBALS['HTTP_GET_VARS']['sessionid'])?$GLOBALS['HTTP_GET_VARS']['sessionid']:(isset($GLOBALS['HTTP_COOKIE_VARS']['sessionid'])?$GLOBALS['HTTP_COOKIE_VARS']['sessionid']:'')); - $this->kp3 = (isset($GLOBALS['HTTP_GET_VARS']['kp3'])?$GLOBALS['HTTP_GET_VARS']['kp3']:(isset($GLOBALS['HTTP_COOKIE_VARS']['kp3'])?$GLOBALS['HTTP_COOKIE_VARS']['kp3']:'')); + $this->sessionid = get_var('sessionid',Array('COOKIE','GET')); + $this->kp3 = get_var('kp3',Array('COOKIE','GET')); /* Create the crypto object */ $GLOBALS['phpgw']->crypto = CreateObject('phpgwapi.crypto'); } @@ -113,8 +113,8 @@ { if(empty($sessionid) || !$sessionid) { - $sessionid = $GLOBALS['HTTP_GET_VARS']['sessionid'] ? $GLOBALS['HTTP_GET_VARS']['sessionid'] : $GLOBALS['HTTP_COOKIE_VARS']['sessionid']; - $kp3 = $GLOBALS['HTTP_GET_VARS']['kp3'] ? $GLOBALS['HTTP_GET_VARS']['kp3'] : $GLOBALS['HTTP_COOKIE_VARS']['kp3']; + $sessionid = get_var('sessionid',Array('COOKIE','GET')); + $kp3 = get_var('kp3',Array('COOKIE','GET')); } $this->sessionid = $sessionid; @@ -619,9 +619,9 @@ function update_dla() { global $PHP_SELF; - if (@isset($GLOBALS['HTTP_GET_VARS']['menuaction'])) + if(MENUACTION) { - $action = $GLOBALS['HTTP_GET_VARS']['menuaction']; + $action = MENUACTION; } else { @@ -841,7 +841,7 @@ \*************************************************************************/ function link($url, $extravars = '') { - $kp3 = $GLOBALS['HTTP_GET_VARS']['kp3'] ? $GLOBALS['HTTP_GET_VARS']['kp3'] : $GLOBALS['HTTP_COOKIE_VARS']['kp3']; + $kp3 = get_var('kp3',Array('COOKIE','GET')); if (! $kp3) { diff --git a/phpgwapi/inc/class.setup.inc.php b/phpgwapi/inc/class.setup.inc.php index 1044e9c1a1..e807eb6993 100644 --- a/phpgwapi/inc/class.setup.inc.php +++ b/phpgwapi/inc/class.setup.inc.php 
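Review bot: `get_var('sessionid',Array('COOKIE','GET'))` and the matching `kp3` calls do not show which source wins, and for session credentials that decides whether a value in the URL can override the browser's cookie. The removed lines preferred GET and fell back to COOKIE. The array order is reversed relative to the old precedence throughout this commit (also `Array('GET','POST')` in nextmatchs and `Array('POST','COOKIE')` in setup_translation), which suggests later entries override earlier ones, but get_var itself is not visible here. Please confirm that, and add a comment at the first call such as `/* get_var: later sources override earlier ones, so GET still wins over COOKIE */`. The same applies to the -113 and -841 hunks in this file.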
@@ -49,7 +49,7 @@ if(empty($GLOBALS['ConfigDomain'])) { /* This is to fix the reading of this value immediately after the cookie was set on login */ - $GLOBALS['ConfigDomain'] = @$GLOBALS['HTTP_POST_VARS']['FormDomain'] ? @$GLOBALS['HTTP_POST_VARS']['FormDomain'] : 'default'; + $GLOBALS['ConfigDomain'] = get_var('ConfigDomain',Array('DEFAULT','POST'),'default'); } $GLOBALS['phpgw_info']['server']['db_type'] = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_type']; diff --git a/phpgwapi/inc/class.setup_detection.inc.php b/phpgwapi/inc/class.setup_detection.inc.php index cfc346d582..bd0d5ed961 100644 --- a/phpgwapi/inc/class.setup_detection.inc.php +++ b/phpgwapi/inc/class.setup_detection.inc.php @@ -62,7 +62,7 @@ $setup_info[$GLOBALS['phpgw_setup']->db->f('app_name')]['enabled'] = $GLOBALS['phpgw_setup']->db->f('app_enabled'); } /* This is to catch old setup installs that did not have phpgwapi listed as an app */ - $tmp = $setup_info['phpgwapi']['version']; /* save the file version */ + $tmp = @$setup_info['phpgwapi']['version']; /* save the file version */ if(!@$setup_info['phpgwapi']['currentver']) { $setup_info['phpgwapi']['currentver'] = $setup_info['admin']['currentver']; diff --git a/phpgwapi/inc/class.setup_html.inc.php b/phpgwapi/inc/class.setup_html.inc.php index 8b59d5b86d..539309480d 100644 --- a/phpgwapi/inc/class.setup_html.inc.php +++ b/phpgwapi/inc/class.setup_html.inc.php 
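Review bot: The replacement in class.setup.inc.php reads a different request field: the removed line took `HTTP_POST_VARS['FormDomain']`, while the new call asks get_var for `'ConfigDomain'`. Unless the login form was renamed elsewhere in this commit, the value posted at login is no longer picked up and `ConfigDomain` always falls back to 'default'; `get_var('FormDomain',Array('DEFAULT','POST'),'default')` would keep the old behaviour. The result is then used unchecked as a key into `$GLOBALS['phpgw_domain']` on the next line. A guard such as `if(!isset($GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']])) { $GLOBALS['ConfigDomain'] = 'default'; }` would keep an unknown domain from yielding empty database settings.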
@@ -26,14 +26,16 @@ $GLOBALS['header_template']->set_block('header','domain','domain'); $var = Array(); - @reset($GLOBALS['HTTP_POST_VARS']['domains']); - while(list($k,$v) = @each($GLOBALS['HTTP_POST_VARS']['domains'])) + $deletedomain = get_var('deletedomain',Array('POST')); + $domains = get_var('domains',Array('POST')); + @reset($domains); + while($domains && list($k,$v) = @each($domains)) { - if(isset($GLOBALS['HTTP_POST_VARS']['deletedomain'][$v])) + if(isset($deletedomain[$v])) { continue; } - $dom = $GLOBALS['HTTP_POST_VARS']["setting_$v"]; + $dom = get_var('setting_'.$v,Array('POST')); $GLOBALS['header_template']->set_var('DB_DOMAIN',$v); while(list($x,$y) = @each($dom)) { @@ -44,7 +46,8 @@ $GLOBALS['header_template']->set_var('domain',''); - while(list($k,$v) = @each($GLOBALS['HTTP_POST_VARS']['setting'])) + $setting = get_var('setting',Array('POST')); + while($setting && list($k,$v) = @each($setting)) { $var[strtoupper($k)] = $v; } diff --git a/phpgwapi/inc/class.setup_translation.inc.php b/phpgwapi/inc/class.setup_translation.inc.php index 2df184c520..1f39537a67 100644 --- a/phpgwapi/inc/class.setup_translation.inc.php +++ b/phpgwapi/inc/class.setup_translation.inc.php @@ -35,7 +35,7 @@ */ function setup_translation() { - $ConfigLang = @$GLOBALS['HTTP_COOKIE_VARS']['ConfigLang'] ? @$GLOBALS['HTTP_COOKIE_VARS']['ConfigLang'] : @$GLOBALS['HTTP_POST_VARS']['ConfigLang']; + $ConfigLang = get_var('ConfigLang',Array('POST','COOKIE')); /* TODO */ /* diff --git a/phpgwapi/inc/footer.inc.php b/phpgwapi/inc/footer.inc.php index f75eb60cff..07dc054342 100644 --- a/phpgwapi/inc/footer.inc.php +++ b/phpgwapi/inc/footer.inc.php 
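Review bot: In the -26 hunk of class.setup_html.inc.php the outer loop gained a `$domains &&` guard, but the inner `while(list($x,$y) = @each($dom))` on the value from `get_var('setting_'.$v,Array('POST'))` did not. Neither loop checks that the posted value is actually an array, and `@reset`/`@each` hide the case where a client sends a scalar. I would normalise once after reading, e.g. `if(!is_array($domains)) { $domains = array(); }`, do the same for `$dom`, and then drop the `@`. `$v` is taken from the request and goes both into the field name `'setting_'.$v` and into `set_var('DB_DOMAIN',$v)`. If that template ends up in a generated configuration file, which is not visible here, `$v` should be restricted to an expected pattern first.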
@@ -34,16 +34,16 @@ /**************************************************************************\ * Include the apps footer files if it exists * \**************************************************************************/ - if ((file_exists (PHPGW_APP_INC . '/footer.inc.php') || isset($GLOBALS['HTTP_GET_VARS']['menuaction'])) && + if((file_exists (PHPGW_APP_INC . '/footer.inc.php') || MENUACTION)) && $GLOBALS['phpgw_info']['flags']['currentapp'] != 'home' && $GLOBALS['phpgw_info']['flags']['currentapp'] != 'login' && $GLOBALS['phpgw_info']['flags']['currentapp'] != 'logout' && !@$GLOBALS['phpgw_info']['flags']['noappfooter']) { - if ($GLOBALS['HTTP_GET_VARS']['menuaction']) + if(MENUACTION) { - list($app,$class,$method) = explode('.',$GLOBALS['HTTP_GET_VARS']['menuaction']); - if (is_array($GLOBALS[$class]->public_functions) && $GLOBALS[$class]->public_functions['footer']) + list($app,$class,$method) = explode('.',MENUACTION); + if(is_array($GLOBALS[$class]->public_functions) && $GLOBALS[$class]->public_functions['footer']) { // eval("\$GLOBALS[$class]->footer();"); $GLOBALS[$class]->footer(); diff --git a/phpgwapi/inc/functions.inc.php b/phpgwapi/inc/functions.inc.php index 177b22cb3a..386a555de5 100644 --- a/phpgwapi/inc/functions.inc.php +++ b/phpgwapi/inc/functions.inc.php @@ -104,8 +104,8 @@ $GLOBALS['phpgw_info']['server']['default_domain'] = $default_domain[0]; unset ($default_domain); // we kill this for security reasons - $GLOBALS['login'] = @$GLOBALS['HTTP_POST_VARS']['login']; - $GLOBALS['logindomain'] = @$GLOBALS['HTTP_POST_VARS']['logindomain']; + $GLOBALS['login'] = get_var('login',Array('POST')); + $GLOBALS['logindomain'] = get_var('logindomain',Array('POST')); /* This code will handle virtdomains so that is a user logins with user@domain.com, it will switch into virtualization mode. */ if (isset($domain) && $domain) 
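Review bot: The rewritten condition in footer.inc.php has one closing parenthesis too many: `|| MENUACTION)) &&` closes the `if(` before the `&&` chain, so the file will not parse. The second `)` belonged to the removed `isset(...)` call, and the line should read `if((file_exists (PHPGW_APP_INC . '/footer.inc.php') || MENUACTION) &&`. Separately, `$class` is taken from the request-supplied `MENUACTION` and used as `$GLOBALS[$class]`. The `public_functions['footer']` test is the only gate visible in this hunk before `footer()` is called, so a short comment saying so would help the next reader.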
@@ -251,7 +251,6 @@ $GLOBALS['phpgw']->session = CreateObject('phpgwapi.sessions'); $GLOBALS['phpgw']->preferences = CreateObject('phpgwapi.preferences'); $GLOBALS['phpgw']->applications = CreateObject('phpgwapi.applications'); - // $GLOBALS['phpgw']->datetime = CreateObject('phpgwapi.datetime'); print_debug('main class loaded', 'messageonly','api'); if (! isset($GLOBALS['phpgw_info']['flags']['included_classes']['error']) || ! $GLOBALS['phpgw_info']['flags']['included_classes']['error']) @@ -306,6 +305,8 @@ exit; } + $GLOBALS['phpgw']->datetime = CreateObject('phpgwapi.datetime'); + /* A few hacker resistant constants that will be used throught the program */ define('PHPGW_TEMPLATE_DIR', ExecMethod('phpgwapi.phpgw.common.get_tpl_dir', 'phpgwapi')); define('PHPGW_IMAGES_DIR', ExecMethod('phpgwapi.phpgw.common.get_image_path', 'phpgwapi')); @@ -326,6 +327,9 @@ define('PHPGW_ACL_PRIVATE',16); */ + /******* Define the GLOBALS['MENUACTION'] *******/ + define('MENUACTION',get_var('menuaction',Array('GET'))); + /********* This sets the user variables *********/ $GLOBALS['phpgw_info']['user']['private_dir'] = $GLOBALS['phpgw_info']['server']['files_dir'] . '/users/'.$GLOBALS['phpgw_info']['user']['userid']; 
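Review bot: The comment added in the -326 hunk says `GLOBALS['MENUACTION']`, but the line defines a constant, and that constant holds the raw `menuaction` query value that other files in this commit use to choose includes and to pick a class. I would make the comment say so, e.g. `/* MENUACTION: unvalidated ?menuaction= value, expected form app.class.method */`. If get_var can return an array for `menuaction[]=...` (not visible here), `define()` would presumably reject the non-scalar value and leave the constant undefined. Reading into a variable first avoids that: `$menuaction = get_var('menuaction',Array('GET'));` followed by `define('MENUACTION', is_string($menuaction) ? $menuaction : '');`.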
@@ -450,13 +454,13 @@ * Load the app include files if the exists * \*************************************************************************/ /* Then the include file */ - if (! preg_match ("/phpgwapi/i", PHPGW_APP_INC) && file_exists(PHPGW_APP_INC . '/functions.inc.php') && !isset($GLOBALS['HTTP_GET_VARS']['menuaction'])) + if (! preg_match ("/phpgwapi/i", PHPGW_APP_INC) && file_exists(PHPGW_APP_INC . '/functions.inc.php') && !MENUACTION) { include(PHPGW_APP_INC . '/functions.inc.php'); } if (!@$GLOBALS['phpgw_info']['flags']['noheader'] && !@$GLOBALS['phpgw_info']['flags']['noappheader'] && - file_exists(PHPGW_APP_INC . '/header.inc.php') && !isset($GLOBALS['HTTP_GET_VARS']['menuaction'])) + file_exists(PHPGW_APP_INC . '/header.inc.php') && !MENUACTION) { include(PHPGW_APP_INC . '/header.inc.php'); }