From 0af4d1943c3e3986f78b8f7bb4a5bd4b907fea54 Mon Sep 17 00:00:00 2001
From: root <root@www.cacert.org>
Date: Fri, 5 Sep 2008 15:02:43 +0000
Subject: [PATCH] Improved register_globals

---
 includes/account.php | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/includes/account.php b/includes/account.php
index 673bac0..32538e9 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -1850,12 +1850,12 @@
 	if($oldid == 24 && $process != "")
 	{
 		$id = intval($oldid);
-		$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($O)));
-		$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($contact)));
-		$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($L)));
-		$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($ST)));
-		$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($C)));
-		$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($comments)));
+		$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
+		$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
+		$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
+		$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
+		$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
+		$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
 
 		if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
 		{
@@ -1877,12 +1877,12 @@
 	if($oldid == 27 && $process != "")
 	{
 		$id = intval($oldid);
-		$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($O)));
-		$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($contact)));
-		$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($L)));
-		$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($ST)));
-		$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($C)));
-		$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($comments)));
+		$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
+		$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
+		$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
+		$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
+		$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
+		$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
 
 		if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
 		{