Merged from MOODLE_14_STABLE: Committing skodak's fixes for sc#40 and #42

author mjollnir_ <mjollnir_>

Fri, 17 Dec 2004 01:43:06 +0000 (01:43 +0000)

committer mjollnir_ <mjollnir_>

Fri, 17 Dec 2004 01:43:06 +0000 (01:43 +0000)
author mjollnir_ <mjollnir_>
Fri, 17 Dec 2004 01:43:06 +0000 (01:43 +0000)
committer mjollnir_ <mjollnir_>
Fri, 17 Dec 2004 01:43:06 +0000 (01:43 +0000)
diff --git a/lib/setup.php b/lib/setup.php

index 0de4c1717b98bafce9410f409ad9b7651427023f..3f2a47869051f70199081b2cc06e9575da81e655 100644 (file)
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -248,6 +248,16 @@ global $THEME;
                  $_POST[$key] = $var;
              }
          }
+        foreach ($_COOKIE as $key => $var) {
+            if (!is_array($var)) {
+                $_COOKIE[$key] = addslashes($var);
+            } else {
+                foreach ($var as $arrkey => $arrvar) {
+                    $var[$arrkey] = addslashes($arrvar);
+                }
+                $_COOKIE[$key] = $var;
+            }
+        }
      }
  
  
@@ -269,7 +279,11 @@ global $THEME;
  /// Load up global environment variables
  
      class object {};
-    
+
+    unset(${'MoodleSession'.$CFG->sessioncookie});
+    unset($_GET['MoodleSession'.$CFG->sessioncookie]);
+    unset($_POST['MoodleSession'.$CFG->sessioncookie]);
+
      if (!isset($nomoodlecookie)) {
          session_name('MoodleSession'.$CFG->sessioncookie);
          @session_start();
@@ -283,6 +297,10 @@ global $THEME;
          $SESSION = &$_SESSION['SESSION'];   // Makes them easier to reference
          $USER    = &$_SESSION['USER'];
      }
+    else {
+        $SESSION = NULL;
+        $USER    = NULL;
+    }
  
      if (defined('FULLME')) {     // Usually in command-line scripts like admin/cron.php
          $FULLME = FULLME;
author	mjollnir_ <mjollnir_>
	Fri, 17 Dec 2004 01:43:06 +0000 (01:43 +0000)
committer	mjollnir_ <mjollnir_>
	Fri, 17 Dec 2004 01:43:06 +0000 (01:43 +0000)