From: mjollnir_ <mjollnir_>
Date: Fri, 17 Dec 2004 01:43:06 +0000 (+0000)
Subject: Merged from MOODLE_14_STABLE: Committing skodak's fixes for sc#40 and #42
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=24cc8ec9bad87f6b11bec8d2e990850eb7163110;p=moodle.git

Merged from MOODLE_14_STABLE: Committing skodak's fixes for sc#40 and #42
---

diff --git a/lib/setup.php b/lib/setup.php
index 0de4c1717b..3f2a478690 100644
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -248,6 +248,16 @@ global $THEME;
                 $_POST[$key] = $var;
             }
         }
+        foreach ($_COOKIE as $key => $var) {
+            if (!is_array($var)) {
+                $_COOKIE[$key] = addslashes($var);
+            } else {
+                foreach ($var as $arrkey => $arrvar) {
+                    $var[$arrkey] = addslashes($arrvar);
+                }
+                $_COOKIE[$key] = $var;
+            }
+        }
     }
 
 
@@ -269,7 +279,11 @@ global $THEME;
 /// Load up global environment variables
 
     class object {};
-    
+
+    unset(${'MoodleSession'.$CFG->sessioncookie});
+    unset($_GET['MoodleSession'.$CFG->sessioncookie]);
+    unset($_POST['MoodleSession'.$CFG->sessioncookie]);
+
     if (!isset($nomoodlecookie)) {
         session_name('MoodleSession'.$CFG->sessioncookie);
         @session_start();
@@ -283,6 +297,10 @@ global $THEME;
         $SESSION = &$_SESSION['SESSION'];   // Makes them easier to reference
         $USER    = &$_SESSION['USER'];
     }
+    else {
+        $SESSION = NULL;
+        $USER    = NULL;
+    }
 
     if (defined('FULLME')) {     // Usually in command-line scripts like admin/cron.php
         $FULLME = FULLME;