Fix for http://bugs.cacert.org/view.php?id=1176

fix deprecation messages due to PHP update.

includes/general.php

@@ -21,10 +21,10 @@
 	session_name("cacert");
 	session_start();
 
-	session_register("_config");
+//	session_register("_config");
-	session_register("profile");
+//	session_register("profile");
-	session_register("signup");
+//	session_register("signup");
-	session_register("lostpw");
+//	session_register("lostpw");
 //	if($_SESSION['profile']['id'] > 0)
 //		session_regenerate_id();
 
@@ -536,7 +536,7 @@
 		$myemail = mysql_real_escape_string($email);
 		if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\+\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email))
 		{
-			list($username,$domain)=split('@',$email);
+			list($username,$domain)=explode('@',$email,2);
 			$dom = escapeshellarg($domain);
 			$line = trim(`dig +short MX $dom 2>&1`);
 #echo $email."-$dom-$line-\n";

includes/loggedin.php

@@ -18,20 +18,29 @@
 
 	include_once("../includes/lib/general.php");
 	require_once("../includes/lib/l10n.php");
+	include_once("../includes/mysql.php");
+
+	if(!isset($_SESSION['profile']) || !is_array($_SESSION['profile'])) {
+		$_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 );
+	}
+	if(!isset($_SESSION['profile']['id']) || !isset($_SESSION['profile']['loggedin'])) {
+		$_SESSION['profile']['id'] = 0;
+		$_SESSION['profile']['loggedin'] = 0;
+	}
 
 	if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] != 0)
 	{
 		$uid = $_SESSION['profile']['id'];
 		$_SESSION['profile']['loggedin'] = 0;
 		$_SESSION['profile'] = "";
-		foreach($_SESSION as $key)
+		foreach($_SESSION as $key => $value)
 		{
-			if($key == '_config')
+			if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
 				continue;
 			if(is_int($key) || is_string($key))
 		                unset($_SESSION[$key]);
-	                unset($$key);
+		        unset($$key);
-        	        session_unregister($key);
+		        //session_unregister($key);
 		}
 
 		$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$uid'"));
@@ -50,14 +59,14 @@
 		{
 			$_SESSION['profile']['loggedin'] = 0;
 			$_SESSION['profile'] = "";
-			foreach($_SESSION as $key)
+			foreach($_SESSION as $key => $value)
 			{
-				if($key == '_config')
+				if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
 					continue;
 				if(is_int($key) || is_string($key))
 			                unset($_SESSION[$key]);
-                		unset($$key);
+			        unset($$key);
-       			        session_unregister($key);
+			        //session_unregister($key);
 			}
 
 			$_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
@@ -69,16 +78,16 @@
 		} else {
 			$_SESSION['profile']['loggedin'] = 0;
 			$_SESSION['profile'] = "";
-			foreach($_SESSION as $key)
+			foreach($_SESSION as $key => $value)
 			{
-				if($key == '_config')
+				if($key == '_config' || $key == 'mconn' || 'csrf_' == substr($key, 0, 5))
 					continue;
-		                unset($_SESSION[$key]);
+			        unset($_SESSION[$key]);
-	                	unset($$key);
+			        unset($$key);
-        		        session_unregister($key);
+			        //session_unregister($key);
 			}
 
-			unset($_SESSION['_config']['oldlocation']);
+			$_SESSION['_config']['oldlocation'] = '';
 
 			foreach($_GET as $key => $val)
 			{
@@ -127,9 +136,9 @@
 		$_SESSION['profile'] = "";
 		foreach($_SESSION as $key => $value)
 		{
-	                unset($_SESSION[$key]);
+		        unset($_SESSION[$key]);
-	                unset($$key);
+		        unset($$key);
-        	        session_unregister($key);
+		        //session_unregister($key);
 		}
 
 		header("location: https://".$normalhost."/index.php");
@@ -138,11 +147,11 @@
 
 	if($_SESSION['profile']['loggedin'] < 1)
 	{
-		unset($_SESSION['_config']['oldlocation']);
+		$_SESSION['_config']['oldlocation'] = '';
 
 		foreach($_REQUEST as $key => $val)
 		{
-			if($_SESSION['_config']['oldlocation'])
+			if('' != $_SESSION['_config']['oldlocation'])
 				$_SESSION['_config']['oldlocation'] .= "&";
 
 			$key = str_replace(array("\n", "\r"), '', $key);

pages/account/43.php

@@ -35,6 +35,8 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
 
   if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) <= 0)
   {
+    $_REQUEST['userid'] = 0;
+
     $emailsearch = $email = mysql_escape_string(stripslashes($_REQUEST['email']));
 
     //Disabled to speed up the queries
@@ -890,17 +892,19 @@ function showassuredby()
 <br><br>
 <? } }
 
-switch ($_GET['shownotary'])
+if(isset($_GET['shownotary'])) {
-        {
+    switch($_GET['shownotary']) {
-	case 'assuredto': 	showassuredto();
+        case 'assuredto':
-				break;
+            showassuredto();
-	case 'assuredby':	showassuredby();
+            break;
-				break;
+        case 'assuredby':
-	case 'assuredto15':	output_received_assurances(intval($_GET['userid']),1);
+            showassuredby();
-				break;
+            break;
-	case 'assuredby15': 	output_given_assurances(intval($_GET['userid']),1);
+        case 'assuredto15':
-				break;
+            output_received_assurances(intval($_GET['userid']),1);
-	}
+            break;
-
+        case 'assuredby15':
-
+            output_given_assurances(intval($_GET['userid']),1);
-?>
+            break;
+    }
+}