From 24cc8ec9bad87f6b11bec8d2e990850eb7163110 Mon Sep 17 00:00:00 2001
From: mjollnir_ <mjollnir_>
Date: Fri, 17 Dec 2004 01:43:06 +0000
Subject: [PATCH] Merged from MOODLE_14_STABLE: Committing skodak's fixes for
 sc#40 and #42

---
 lib/setup.php | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/lib/setup.php b/lib/setup.php
index 0de4c1717b..3f2a478690 100644
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -248,6 +248,16 @@ global $THEME;
                 $_POST[$key] = $var;
             }
         }
+        foreach ($_COOKIE as $key => $var) {
+            if (!is_array($var)) {
+                $_COOKIE[$key] = addslashes($var);
+            } else {
+                foreach ($var as $arrkey => $arrvar) {
+                    $var[$arrkey] = addslashes($arrvar);
+                }
+                $_COOKIE[$key] = $var;
+            }
+        }
     }
 
 
@@ -269,7 +279,11 @@ global $THEME;
 /// Load up global environment variables
 
     class object {};
-    
+
+    unset(${'MoodleSession'.$CFG->sessioncookie});
+    unset($_GET['MoodleSession'.$CFG->sessioncookie]);
+    unset($_POST['MoodleSession'.$CFG->sessioncookie]);
+
     if (!isset($nomoodlecookie)) {
         session_name('MoodleSession'.$CFG->sessioncookie);
         @session_start();
@@ -283,6 +297,10 @@ global $THEME;
         $SESSION = &$_SESSION['SESSION'];   // Makes them easier to reference
         $USER    = &$_SESSION['USER'];
     }
+    else {
+        $SESSION = NULL;
+        $USER    = NULL;
+    }
 
     if (defined('FULLME')) {     // Usually in command-line scripts like admin/cron.php
         $FULLME = FULLME;
-- 
2.39.5