Getting rid of dependency on register_globals in php.ini

git-svn-id: svn://svn.zabbix.com/trunk@460 97f52cf1-0a1b-0410-bd0e-c28be96e8082

1 files changed, 9 insertions, 9 deletions

diff --git a/frontends/php/index.php b/frontends/php/index.php
index b906ff30..57eb0a52 100644
--- a/frontends/php/index.php
+++ b/frontends/php/index.php
@@ -4,16 +4,16 @@
 
 	include "include/config.inc.php";
 
-	if(isset($reconnect))
+	if(isset($HTTP_GET_VARS["reconnect"]))
 	{
-		setcookie("sessionid",$sessionid,time()-3600);
-		unset($sessionid);
+		setcookie("sessionid",$HTTP_COOKIE_VARS["sessionid"],time()-3600);
+		unset($HTTP_COOKIE_VARS["sessionid"]);
 	}
 
-	if(isset($register)&&($register=="Enter"))
+	if(isset($HTTP_POST_VARS["register"])&&($HTTP_POST_VARS["register"]=="Enter"))
 	{
-		$password=md5($password);
-		$sql="select u.userid,u.alias,u.name,u.surname from users u where u.alias='$name' and u.passwd='$password'";
+		$password=md5($HTTP_POST_VARS["password"]);
+		$sql="select u.userid,u.alias,u.name,u.surname from users u where u.alias='".$HTTP_POST_VARS["name"]."' and u.passwd='$password'";
 		$result=DBselect($sql);
 		if(DBnum_rows($result)==1)
 		{
@@ -21,9 +21,9 @@
 			$USER_DETAILS["alias"]=DBget_field($result,0,1);
 			$USER_DETAILS["name"]=DBget_field($result,0,2);
 			$USER_DETAILS["surname"]=DBget_field($result,0,3);
-			$sessionid=md5(time().$password.$name.rand(0,10000000));
-			setcookie("sessionid",$sessionid,time()+3600);
-			$sql="insert into sessions (sessionid,userid,lastaccess) values ('$sessionid',".$USER_DETAILS["userid"].",".time().")";
+			$sessionid=md5(time().$password.$HTTP_POST_VARS["name"].rand(0,10000000));
+			setcookie("sessionid",$HTTP_COOKIE_VARS["sessionid"],time()+3600);
+			$sql="insert into sessions (sessionid,userid,lastaccess) values ('".$HTTP_COOKIE_VARS["sessionid"]."',".$USER_DETAILS["userid"].",".time().")";
 			DBexecute($sql);
 		}
 	}