From f3609ff15d7accaff248485bfb754b413a054029 Mon Sep 17 00:00:00 2001
From: root <root@www.cacert.org>
Date: Fri, 19 Sep 2008 20:23:23 +0000
Subject: [PATCH] Improved register_globals

---
 www/index.php | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/www/index.php b/www/index.php
index 111bd32..0c1a230 100644
--- a/www/index.php
+++ b/www/index.php
@@ -130,9 +130,9 @@
 	if($oldid == 5 && $process != "")
 	{
 		$email = $_SESSION['lostpw']['email'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['email']))));
-		$_SESSION['lostpw']['day'] = intval($day);
-		$_SESSION['lostpw']['month'] = intval($month);
-		$_SESSION['lostpw']['year'] = intval($year);
+		$_SESSION['lostpw']['day'] = intval($_REQUEST['day']);
+		$_SESSION['lostpw']['month'] = intval($_REQUEST['month']);
+		$_SESSION['lostpw']['year'] = intval($_REQUEST['year']);
 		$dob = $_SESSION['lostpw']['year']."-".$_SESSION['lostpw']['month']."-".$_SESSION['lostpw']['day'];
 		$query = "select * from `users` where `email`='$email' and `dob`='$dob'";
 		$res = mysql_query($query);
@@ -378,10 +378,10 @@
 		$_SESSION['signup']['A3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
 		$_SESSION['signup']['A4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
 		$_SESSION['signup']['A5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
-		$_SESSION['signup']['general'] = intval($_REQUEST['general']);
-		$_SESSION['signup']['country'] = intval($_REQUEST['country']);
-		$_SESSION['signup']['regional'] = intval($_REQUEST['regional']);
-		$_SESSION['signup']['radius'] = intval($_REQUEST['radius']);
+		$_SESSION['signup']['general'] = intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0);
+		$_SESSION['signup']['country'] = intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0);
+		$_SESSION['signup']['regional'] = intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0);
+		$_SESSION['signup']['radius'] = intval(array_key_exists('radius',$_REQUEST)?$_REQUEST['radius']:0);
 
 		if($_SESSION['signup']['Q1'] == $_SESSION['signup']['Q2'] ||
 			$_SESSION['signup']['Q1'] == $_SESSION['signup']['Q3'] ||