Improved register_globals

www/cap.php

@@ -33,7 +33,7 @@
 	{
 		function Header()
 		{
-			$this->Image($_REQUEST['bw']?'images/CAcert-logo-mono-1000.png':'images/CAcert-logo-colour-1000.png',8,8,100);
+			$this->Image((array_key_exists('bw',$_REQUEST) && $_REQUEST['bw'])?'images/CAcert-logo-mono-1000.png':'images/CAcert-logo-colour-1000.png',8,8,100);
 			$this->SetFont('Arial','B',14);
 			if($_SESSION['_config']['language'] == "ja_JP")
 				$this->SetFont('SJIS','',14);
@@ -250,11 +250,11 @@
 		}	
 	}
 
-	$format = $_GET['format'];
+	$format = array_key_exists('format',$_REQUEST)?$_REQUEST['format']:"";
 	if($format != "letter")
 		$format = "A4";
 
-	$maxpoints = intval($_GET['maxpoints']);
+	$maxpoints = array_key_exists('maxpoints',$_REQUEST)?intval($_GET['maxpoints']):0;
 	if($maxpoints < 0)
 		$maxpoints = 0;
 //	if($maxpoints == 0)
@@ -265,7 +265,7 @@
 		$pdf->AddSJISFont();
 	$pdf->Open();
 	$pdf->AddPage();
-	$pdf->Body($_GET['name'], $_GET['dob'], $_GET['email'], $_GET['assurer'], $_GET['date'], $maxpoints, $_GET['document1'], $_GET['document2'], $_GET['location']);
+	$pdf->Body(array_key_exists('name',$_REQUEST)?$_REQUEST['name']:"", array_key_exists('dob',$_REQUEST)?$_REQUEST['dob']:"", array_key_exists('email',$_REQUEST)?$_REQUEST['email']:"", array_key_exists('assurer',$_REQUEST)?$_REQUEST['assurer']:"", array_key_exists('date',$_REQUEST)?$_REQUEST['date']:"", $maxpoints, array_key_exists('document1',$_REQUEST)?$_REQUEST['document1']:"", array_key_exists('document2',$_REQUEST)?$_REQUEST['document2']:"", array_key_exists('location',$_REQUEST)?$_REQUEST['location']:"");
 	header("Expires: ".gmdate("D, j M Y G:i:s \G\M\T", time()+10800));
 	header("Content-Disposition: attachment; filename=cap.pdf"); 
 	header("Cache-Control: public, max-age=10800");